CVE-2023-31403

Name of the Vulnerable Software and Affected Versions SAP Business One version 10.0

Description The SAP Business One installation does not perform proper authentication and authorization checks for SMB shared folders. This allows any malicious user to read and write to the SMB shared folder. Additionally, files in the folder can be executed or used by the installation process, leading to considerable impact on confidentiality, integrity, and availability.

Recommendations For SAP Business One version 10.0, consider restricting access to the SMB shared folder until a patch is available. As a temporary workaround, limit the execution of files from the shared folder to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.