CVE-2021-42066
N/A
N/A
Summary
SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. For an attacker to discover vulnerable function in-depth application knowledge is required, but once exploited the attacker may be able to completely compromise confidentiality, integrity, and availability of the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Business One | < 10.0 | affected |
Weaknesses
- CWE-312: CWE-312
ADP Enrichment
CVE Program Container
Additional References
- https://launchpad.support.sap.com/#/notes/3101299
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035
References
- https://launchpad.support.sap.com/#/notes/3101299
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.