{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T00:28:11.879","vulnerabilities":[{"cve":{"id":"CVE-2021-42066","sourceIdentifier":"cna@sap.com","published":"2021-12-14T16:15:09.347","lastModified":"2024-11-21T06:27:10.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. For an attacker to discover vulnerable function in-depth application knowledge is required, but once exploited the attacker may be able to completely compromise confidentiality, integrity, and availability of the application."},{"lang":"es","value":"SAP Business One - versión 10.0, permite a un usuario administrador ver la contraseña de la base de datos en texto plano a través de la red, que de otro modo debería estar cifrada. Para que un atacante detecte la función vulnerable se requiere un conocimiento profundo de la aplicación, pero una vez explotado el atacante puede ser capaz de comprometer completamente la confidencialidad, integridad y disponibilidad de la aplicación"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:N/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:business_one:10.0:*:*:*:*:*:*:*","matchCriteriaId":"391F491C-2DE8-44E5-B054-42F188161C8A"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/3101299","source":"cna@sap.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035","source":"cna@sap.com","tags":["Patch","Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/3101299","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}