SAP Business One installation version 10.0 has an improper access control vulnerability that allows malicious users to read, write, and execute files in the SMB shared folder, posing a significant risk to confidentiality, integrity, and availability.
  • November 16, 2023

Critical Flaw Fixed in SAP Business One Product

Software giant SAP has released its November 2023 Security Patch Day, addressing several vulnerabilities in its products. The most severe vulnerability is an improper access control issue in SAP Business One, which could allow a malicious user to read, write, and execute files in the SMB shared folder. Another critical vulnerability relates to a missing authorization check in SAP CommonCryptoLib, which could result in privilege escalation. The remaining security notes address medium-severity vulnerabilities. SAP has not observed any attacks exploiting these vulnerabilities at present.



Back to Home

Comments

  • No comments yet.

Comment

Recommended

The Ultimate Guide to Linux VPS Hosting for Businesses

The Ultimate Guide to Linux VPS Hosting for Businesses

 https://averthost.com/vps-hosting/

VPS vs Shared Hosting: Which is Right for Your Website?

Categories