PT-2020-19035 · Sap · Sap Business One

Published: 2020-06-10 · Updated: 2021-07-21 · CVE-2020-6239

CVSS v3.1: 4.4 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: SAP Business One versions 9.3, 10.0

Description: The issue allows an attacker with admin permissions to view the SYSTEM user password in clear text under certain conditions, leading to information disclosure.

Recommendations: For versions 9.3 and 10.0, consider restricting access to the Backup service to minimize the risk of exploitation until a fix is available. As a temporary workaround, limit admin permissions to only necessary personnel to reduce the potential for attackers to view sensitive information.

Fix

Insufficiently Protected Credentials

Weakness Enumeration

Related Identifiers

CVE-2020-6239

Affected Products

Sap Business One