CVE-2021-27613

Published: May 11, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability.

Affected (1)

Products: Sap: Chef Business One Cookbook

1 product

Chef Business One Cookbook

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Chef Business One Cookbook	Version 0.1.9

References (4)

https://launchpad.support.sap.com/#/notes/3049755

Source: cna@sap.com

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/3049755

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.