SAP Business One (Backup Service) Admin Password Information Disclosure Vulnerability

CVE-2020-6239 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure.

Learn more about our User Device Pen Test.