CVE-2021-27614
https://notcve.org/view.php?id=CVE-2021-27614
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereby highly impacting the integrity and availability of the application. SAP Business One Hana Chef Cookbook, versiones 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, usados para instalar SAP Business One en SAP HANA, permite a un atacante inyectar código que puede ser ejecutado por la aplicación. De este modo, un atacante podría controlar el comportamiento de la aplicación, impactando altamente a la integridad y disponibilidad de la aplicación • https://launchpad.support.sap.com/#/notes/3049661 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2021-27616
https://notcve.org/view.php?id=CVE-2021-27616
Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an attacker to exploit an insecure temporary backup path and to access information which would otherwise be restricted, resulting in Information Disclosure vulnerability highly impacting the confidentiality, integrity and availability of the application. Bajo determinadas condiciones, SAP Business One Hana Chef Cookbook, versiones 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, usadas para instalar SAP Business One para SAP HANA, permite a un atacante explotar una ruta de respaldo temporal no segura y acceder a información que de lo contrario, sería restringido, resultando en una vulnerabilidad de Divulgación de Información impactando altamente la confidencialidad, integridad y disponibilidad de la aplicación • https://launchpad.support.sap.com/#/notes/3049661 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655 •
CVE-2021-27613
https://notcve.org/view.php?id=CVE-2021-27613
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability. Bajo determinadas condiciones SAP Business One Chef cookbook, versiones 9.2, 9.3, 10.0, usado para instalar SAP Business One, permite a un atacante explotar una carpeta temporal no segura para los datos de nómina entrantes y salientes y acceder a información que de otro modo sería restringida, lo que podría conllevar a una Divulgación de Información y a un impacto importante en la confidencialidad, integridad y disponibilidad del sistema • https://launchpad.support.sap.com/#/notes/3049755 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655 •