CVE-2021-38179
CVE-2021-38179
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Oct 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.
Affected products
SAP SE · SAP Business OneWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →