CVE-2021-27614

SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereby highly impacting the integrity and availability of the application.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
sapCNA
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
sapbusiness-one-hana-chef-cookbook
0.1.6
sapbusiness-one-hana-chef-cookbook
0.1.7
sapbusiness-one-hana-chef-cookbook
0.1.19
sapbusiness_one
8.82
sapbusiness_one
9.0
sapbusiness_one
9.1
sapbusiness_one
9.2
sapbusiness_one
9.3
sapbusiness_one
10.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://launchpad.support.sap.com/#/notes/3049661
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655
https://launchpad.support.sap.com/#/notes/3049661
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655