Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-33686
CVE-2021-33686:
SAP Business One vulnerability analysis and mitigation
Overview
Under certain conditions, SAP Business One version 10.0 contains a vulnerability that allows an unauthorized attacker to access encrypted sensitive information, though the attacker does not have control over the kind or degree of access (CVE Mitre). The vulnerability was discovered and disclosed in May 2021, as indicated by the CVE record creation date of May 28, 2021.
Technical details
The vulnerability affects SAP Business One version 10.0 and involves unauthorized access to encrypted sensitive information. The severity of this vulnerability has not been publicly disclosed with a CVSS score (CERT-FR).
Impact
The vulnerability allows unauthorized attackers to gain access to certain encrypted sensitive information within the SAP Business One system, though the scope and type of accessible information are limited (CVE Mitre).
Mitigation and workarounds
SAP has addressed this vulnerability through a security patch, which is detailed in SAP Security Note 3070138 (SAP Note). Users are advised to apply the available patches to mitigate this vulnerability.
Additional resources
Source: This report was generated using AI
Related SAP Business One vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management