admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-337xx/CVE-2021-33700.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

144 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-33700",
"sourceIdentifier": "cna@sap.com",
"published": "2021-09-15T19:15:09.640",
"lastModified": "2021-09-28T14:10:49.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of the vulnerable application."
},
{
"lang": "es",
"value": "SAP Business One, versi\u00f3n - 10.0, permite a un atacante local con acceso al navegador de la v\u00edctima bajo determinadas circunstancias, iniciar sesi\u00f3n como la v\u00edctima sin conocer su contrase\u00f1a. El atacante podr\u00eda as\u00ed conseguir informaci\u00f3n altamente confidencial que el atacante podr\u00eda usar para tomar el control sustancial de la aplicaci\u00f3n vulnerable"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_one:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "391F491C-2DE8-44E5-B054-42F188161C8A"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3073325",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806",
"source": "cna@sap.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink