Description
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.
References (2)
Core 2
Core References
Permissions Required x_refsource_misc
https://launchpad.support.sap.com/#/notes/3074819
Vendor Advisory x_refsource_misc
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983
Scores
CVSS v3
4.9
EPSS
0.0034
EPSS Percentile
56.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (1)
sap/business_one
10.0
Published
Oct 12, 2021
Tracked Since
Feb 18, 2026