CVE-2021-33662 — Vulnetix

CVE-2021-33662 PUBLISHED CVSS 6.699999809265137 MEDIUM

Under certain conditions, the installation of SAP Business One, version - 10.0, discloses sensitive information on the file system allowing an attacker to access information which would otherwise be restricted.

EPSS 0.04% · 13.2th percentile

Risk Scores

CVSS v3.0

6.699999809265137

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.04%

13.2th percentile

Affected Products

Vendor	Product	Versions
SAP SE	SAP Business One	< 10.0
sap	business_one	10.0

Timeline

Jun 8, 2021 CVE Published
Jun 10, 2021 EPSS Score
Aug 11, 2021 EPSS Score
Oct 10, 2021 EPSS Score
Dec 10, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 9, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 11, 2022 EPSS Score
Jun 10, 2022 EPSS Score
Aug 11, 2022 EPSS Score
Oct 11, 2022 EPSS Score

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=578125999 advisory
https://launchpad.support.sap.com/#/notes/3058382 url
https://nvd.nist.gov/vuln/detail/CVE-2021-33662 advisory

Open in Interactive Console →