{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T20:51:34.151","vulnerabilities":[{"cve":{"id":"CVE-2021-33700","sourceIdentifier":"cna@sap.com","published":"2021-09-15T19:15:09.640","lastModified":"2024-11-21T06:09:23.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of the vulnerable application."},{"lang":"es","value":"SAP Business One, versión - 10.0, permite a un atacante local con acceso al navegador de la víctima bajo determinadas circunstancias, iniciar sesión como la víctima sin conocer su contraseña. El atacante podría así conseguir información altamente confidencial que el atacante podría usar para tomar el control sustancial de la aplicación vulnerable"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:business_one:10.0:*:*:*:*:*:*:*","matchCriteriaId":"391F491C-2DE8-44E5-B054-42F188161C8A"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/3073325","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806","source":"cna@sap.com","tags":["Patch","Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/3073325","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}