CVE-2021-33700

HIGH Year: 2021
CVSS v3 Score
7.0
High
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-288
View all →

Vulnerability Description

SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of the vulnerable application.

Related Vulnerabilities

CVE-2022-42275

HIGH
CVSS:7.1(High)

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service.

CWE-2882022

CVE-2025-1739

HIGH
CVSS:7.1(High)

An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. This vulnerability allows an attacker to retrieve administrator's credentials in cleart...

CWE-2882025

CVE-2025-30112

HIGH
CVSS:7.1(High)

On 70mai Dash Cam 1S devices, by connecting directly to the dashcam's network and accessing the API on port 80 and RTSP on port 554, an attacker can bypass the device authorization mechanism from the ...

CWE-2882025

CVE-2025-40581

HIGH
CVSS:7.1(High)

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices are vulnerable to an authentication bypas...

CWE-2882025

CVE-2019-5455

MEDIUM
CVSS:6.8(Medium)

Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process.

CWE-2882019

CVE-2019-5473

HIGH
CVSS:7.2(High)

An authentication issue was discovered in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4.

CWE-2882019