CVE-2021-27613
published 2021-05-11CVE-2021-27613: Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | chef_business-one-cookbook | — | — |
| sap_se | sap_business_one | < 9.2 | 9.2 |
| sap_se | sap_business_one | < 9.3 | 9.3 |
| sap_se | sap_business_one | < 10.0 | 10.0 |