CVE-2021-27614

HIGH Year: 2021
CVSS v3 Score
7.3
High
CVSS v2 Score
3.6
Low
Weakness Type
CWE-74
View all →

Vulnerability Description

SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereby highly impacting the integrity and availability of the application.

Related Vulnerabilities

CVE-2015-8800

HIGH
CVSS:7.3(High)

Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical Sy...

CWE-742015

CVE-2017-20197

MEDIUM
CVSS:7.3(High)

A vulnerability was found in propanetank Roommate-Bill-Tracking up to 288437f658fc9ee7d4b92a9da12557024d8bc55c. It has been declared as critical. This vulnerability affects unknown code of the file /i...

CWE-742017

CVE-2018-20914

HIGH
CVSS:7.3(High)

In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368).

CWE-742018

CVE-2020-15255

HIGH
CVSS:7.3(High)

In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example...

CWE-742020

CVE-2021-0553

HIGH
CVSS:7.3(High)

In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI. This could lead to local escalation of privilege with User execution privileges...

CWE-742021

CVE-2021-33195

HIGH
CVSS:7.3(High)

Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does no...

CWE-742021