CVE-2021-27614

7.3HIGH

Key Information:

Vendor: SAP
Status: SAP Business One, Version For SAP Hana (cookbooks)
Vendor: CVE Published:; 11 May 2021

Summary

SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereby highly impacting the integrity and availability of the application.

Affected Version(s)

SAP Business One, version for SAP HANA (Cookbooks) < 8.82 < 8.82

SAP Business One, version for SAP HANA (Cookbooks) < 9.0 < 9.0

SAP Business One, version for SAP HANA (Cookbooks) < 9.1 < 9.1

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/3049661

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 11, 2021
Vulnerability Reserved
Feb 23, 2021