Free Trial

CVE-2023-31403 : SAP SAP BUSINESS ONE 10.0 SMB SHARED FOLDER ACCESS CONTROL

Description

SAP Business One installation – version 10.0, does not perform proper authentication and authorization checks for SMB shared folder. As a result, any malicious user can read and write to the SMB shared folder. Additionally, the files in the folder can be executed or be used by the installation process leading to considerable impact on confidentiality, integrity and availability.

References

https://me.sap.com/notes/3355658

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

For More Information

CVERecord

Common Vulnerabilityies and Exposures

CVE-2023-31403 : SAP SAP BUSINESS ONE 10.0 SMB SHARED FOLDER ACCESS CONTROL
CVE-2023-31403 : SAP SAP BUSINESS ONE 10.0 SMB SHARED FOLDER ACCESS CONTROL

Contact us to get started

CVE-2024-3319 : SAILPOINT IDENTITY SECURITY CLOUD TRANSFORM PREVIEW/IDENTITYPROFILE PREVIEW CODE INJECTION

CVE-2024-3319 : SAILPOINT IDENTITY SECURITY CLOUD TRANSFORM PREVIEW/IDENTITYPROFILE PREVIEW CODE INJECTION

Description An issue was identified in the Identity Security Cloud (ISC) Transform preview and IdentityProfile preview API endpoints that allowed

Learn more
CVE-2024-4984 : YOAST SEO PLUGIN UP TO 22.6 ON WORDPRESS DISPLAY_NAME CROSS SITE SCRIPTING

CVE-2024-4984 : YOAST SEO PLUGIN UP TO 22.6 ON WORDPRESS DISPLAY_NAME CROSS SITE SCRIPTING

Description The Yoast SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘display_name’ author meta in all

Learn more
CVE-2024-32888 : AWS AMAZON-REDSHIFT-JDBC-DRIVER UP TO 2.1.0.27 SQL INJECTION

CVE-2024-32888 : AWS AMAZON-REDSHIFT-JDBC-DRIVER UP TO 2.1.0.27 SQL INJECTION

Description The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard

Learn more