CVE-2021-33686

Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get access to some encrypted sensitive information, but does not have control over kind or degree.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
sapCNA
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
sapbusiness_one
10.0
𝑥
= Vulnerable software versions
References
https://launchpad.support.sap.com/#/notes/3070138
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405
https://launchpad.support.sap.com/#/notes/3070138
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405