Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
CVSS Information
N/A
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
SAP Business One License service API 访问控制错误漏洞
Vulnerability Description
SAP Business One License service API是德国思爱普(SAP)公司的一项服务。提供了一个统一的服务端点,可以通过 API 调用从 SAP Business One 系统之外的源系统访问业务数据。 SAP Business one License service API 10.0版本存在访问控制错误漏洞。攻击者利用该漏洞通过网络发送恶意 http 请求,从而破坏整个应用程序。
CVSS Information
N/A
Vulnerability Type
N/A