CVE-2023-33993

CVSS 3.1 Score 7.5 of 10 (high)

Confidentiality high
Integrity high
Availability high
Attack Complexity high
Privileges Required low
Scope unchanged

Details

Published Aug 8, 2023
Updated: Aug 15, 2023
CWE ID 89

Summary

CVE-2023-33993: SAP Business One's B1i module, affecting version 10.0, contains a vulnerability that allows authenticated users with advanced knowledge to send manipulated queries over the network. This issue can result in the attacker gaining unauthorized access to SQL data, leading to high impact on the application's confidentiality, integrity, and availability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share