CVE-2021-42066

CVE-2021-42066

Vendor Sap Se
Product SAP Business One
Weakness CWE-312 · Cleartext storage
Published December 14, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. For an attacker to discover vulnerable function in-depth application knowledge is required, but once exploited the attacker may be able to completely compromise confidentiality, integrity, and availability of the application.

Key dates

02Disclosure timeline

December 14, 2021 CVE published
August 4, 2024 Record updated