CVE-2023-37487

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-497
View all →

Vulnerability Description

SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep knowledge perform certain operation to access unintended data over the network which could lead to high impact on confidentiality with no impact on integrity and availability of the application

Related Vulnerabilities

CVE-2019-10243

MEDIUM
CVSS:5.3(Medium)

In Eclipse Kura versions up to 4.0.0, Kura exposes the underlying Ui Web server version in its replies. This can be used as a hint by an attacker to specifically craft attacks to the web server run by...

CWE-4972019

CVE-2020-26076

MEDIUM
CVSS:5.3(Medium)

A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. The vulnerability is due to the ...

CWE-4972020

CVE-2021-1234

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be aff...

CWE-4972021

CVE-2021-1535

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected...

CWE-4972021

CVE-2022-38710

MEDIUM
CVSS:5.3(Medium)

IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version to an unauthorized control sphere information that could aid in further attacks against the system. IBM X-Force ID: 23...

CWE-4972022

CVE-2022-43852

MEDIUM
CVSS:5.3(Medium)

IBM Aspera Console 3.4.0 through 3.4.4 could disclose sensitive information in HTTP headers that could be used in further attacks against the system.

CWE-4972022