CVE-2023-31403

CVSS 3.1 Score 8.0 of 10 (high)

Details

Published Nov 14, 2023

Updated: Nov 20, 2023

CWE ID 863

CWE ID 284

Summary

CVE-2023-31403: A vulnerability was identified in the SAP Business One installation version 10.0, which fails to execute adequate authentication and authorization checks for SMB shared folders. Consequently, unauthorized users can gain read and write access to these folders, compromising confidentiality, integrity, and potentially causing disruptions to availability. Execution of files within these folders is also possible, escalating the potential impact of this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP Business One

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tZCvHZ
https://www.cve.org/CVERecord?id=CVE-2023-31403
https://nvd.nist.gov/vuln/detail/CVE-2023-31403

Back to Vulnerability Database