Insecure Temporary Backup Path Allows Information Disclosure in SAP Business One Hana Chef Cookbook

Insecure Temporary Backup Path Allows Information Disclosure in SAP Business One Hana Chef Cookbook

CVE-2021-27616 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an attacker to exploit an insecure temporary backup path and to access information which would otherwise be restricted, resulting in Information Disclosure vulnerability highly impacting the confidentiality, integrity and availability of the application.

Learn more about our Web Application Penetration Testing UK.