SAP Business One Integration Framework Security Settings Bypass Vulnerability

Vulnerability

A vulnerability exists in the SAP Business One Integration Framework due to inadequate validation of security settings. This flaw allows attackers to circumvent the 403 Forbidden error and gain access to restricted pages, potentially compromising the application's confidentiality. However, there is no impact on integrity or availability.

Impact

Exploitation of this vulnerability could lead to unauthorized access to restricted pages, bypassing standard access controls.

Remediation

Users are advised to review and implement the latest SAP Security Notes. These can be accessed through the SAP for Me platform, specifically in the Security Notes section. SAP Security Patch Day occurs on the second Tuesday of each month, when new security notes are released.

Added: Jun 10, 2025, 1:18 AM
Updated: Jun 10, 2025, 1:18 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 7.4
remediation: 0.0
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.