CVE-2021-38179
First published: Tue Oct 12 2021(Updated: )
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sap Business One | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-38179?
CVE-2021-38179 is a vulnerability in the debug function of the Admin UI of SAP Business One Integration version 10.0.
How does CVE-2021-38179 impact SAP Business One Integration?
CVE-2021-38179 allows the admin user to see captured packet contents, which may include user credentials.
How severe is CVE-2021-38179?
CVE-2021-38179 has a severity rating of medium, with a CVSS score of 4.9.
Is the debug function of the Admin UI enabled by default in SAP Business One Integration?
Yes, the debug function of the Admin UI is enabled by default in SAP Business One Integration version 10.0.
How can I fix CVE-2021-38179 in SAP Business One Integration?
To fix CVE-2021-38179, it is recommended to disable the debug function of the Admin UI or apply the necessary patches provided by SAP.
- collector/nvd-index
- agent/description
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap business one
- version/sap business one/10.0