Primary

Context

SAP Business One Information Disclosure Vulnerability in Anonymous API

Vulnerability

An information disclosure vulnerability has been identified in the anonymous API of SAP Business One (SLD). This vulnerability allows an attacker with normal user access to access unauthorized information. While the vulnerability has a low impact on the application's confidentiality, it does not affect integrity or availability.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform.

Added: Nov 11, 2025, 1:21 AM

Updated: Nov 11, 2025, 1:21 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP Business One Information Disclosure Vulnerability in Anonymous API

Vulnerability

Impact

Remediation

Affected Products

SAP Business One

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating