CVE-2021-33688
published 2021-09-14CVE-2021-33688: SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | business_one | — | — |
| sap_se | sap_business_one | < 10.0 | 10.0 |