Description
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereby highly impacting the integrity and availability of the application.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655
Permissions Required, Vendor Advisory x_refsource_misc
https://launchpad.support.sap.com/#/notes/3049661
Scores
CVSS v3
7.1
EPSS
0.0004
EPSS Percentile
12.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Details
CWE
CWE-74
Status
published
Products (9)
sap/business-one-hana-chef-cookbook
0.1.6
sap/business-one-hana-chef-cookbook
0.1.7
sap/business-one-hana-chef-cookbook
0.1.19
sap/business_one
8.82
sap/business_one
9.0
sap/business_one
9.1
sap/business_one
9.2
sap/business_one
9.3
sap/business_one
10.0
Published
May 11, 2021
Tracked Since
Feb 18, 2026