CVE-2021-27616

HIGH

SAP Business One Hana Chef Cookbook <10.0 - Info Disclosure

Title source: llm

Description

Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an attacker to exploit an insecure temporary backup path and to access information which would otherwise be restricted, resulting in Information Disclosure vulnerability highly impacting the confidentiality, integrity and availability of the application.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655

Permissions Required, Vendor Advisory x_refsource_misc

https://launchpad.support.sap.com/#/notes/3049661

Scores

CVSS v3 7.8

EPSS 0.0003

EPSS Percentile 10.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (9)

sap/business-one-hana-chef-cookbook 0.1.6

sap/business-one-hana-chef-cookbook 0.1.7

sap/business-one-hana-chef-cookbook 0.1.19

sap/business_one 8.82

sap/business_one 9.0

sap/business_one 9.1

sap/business_one 9.2

sap/business_one 9.3

sap/business_one 10.0

Published May 11, 2021

Tracked Since Feb 18, 2026