CVE-2021-27616 Information

Jun 07, 2022 cve

Description

Under certain conditions SAP Business One Hana Chef Cookbook versions - 8.82 9.0 9.1 9.2 9.3 10.0 used to install SAP Business One for SAP HANA allows an attacker to exploit an insecure temporary backup path and to access information which would otherwise be restricted resulting in Information Disclosure vulnerability highly impacting the confidentiality integrity and availability of the application.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://launchpad.support.sap.com/#/notes/3049661 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8

Share on: