SAP Business One Hana (Chef Cookbook) – Insecure Temporary File For Incoming & Outgoing Payroll Data – SAP Business One Chef Cookbook 0.1.9 and below for Microsoft Windows Server 2008.
Product: SAP Business One Hana Chef Cookbook
Cookbook versions: 0.1.9 and below
Software Component Versions: 9.2, 9.3, 10.0
SAP Business One Hana Chef Cookbook 0.1.9 and below use the insecure temporary folder C:\Temp to store incoming and outgoing payroll data. Every user on the server has unprivileged access to that folder, so an authenticated local attacker can read or manipulate sensitive payroll data by dropping files into, or picking them up from, the folder through which the cookbook sends and receives the data.
Vendor: Under certain conditions, SAP Business One Chef cookbook, versions 9.2, 9.3 and 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability.
The vendor has fixed the vulnerability, published a patch, and deprecated the repository.
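The root cause above is a shared, inheritable-ACL folder used as a hand-off point. The PowerShell below is an added example, not part of the original advisory or of the SAP cookbook: it audits whether a staging folder such as C:\Temp grants write rights to broad principals, and then creates a per-run staging directory that inherits nothing and is readable only by the account that created it. The folder path, the list of "broad" principals and the function names are assumptions made for illustration.

```powershell
# Added example (not the advisory's PoC and not SAP cookbook code).
# Audits a staging folder for write access by broad local principals, then
# shows a private per-run staging directory as the safe alternative.

function Test-WorldWritableFolder {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Principals whose write access effectively makes the folder shared
        # with every local user (assumed list; extend for your environment).
        [string[]] $BroadPrincipals = @(
            'Everyone',
            'BUILTIN\Users',
            'NT AUTHORITY\Authenticated Users',
            'NT AUTHORITY\INTERACTIVE'
        )
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Container)) {
        return [pscustomobject]@{ Path = $Path; Exists = $false; WorldWritable = $false; Offending = @() }
    }
    $acl = Get-Acl -LiteralPath $Path
    # Any of these rights lets a caller create or replace files in the folder,
    # which is all an attacker needs to plant or swap payroll files.
    $writeRights = [System.Security.AccessControl.FileSystemRights]::Write -bor
                   [System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
                   [System.Security.AccessControl.FileSystemRights]::Modify -bor
                   [System.Security.AccessControl.FileSystemRights]::FullControl
    $offending = foreach ($rule in $acl.Access) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if ($BroadPrincipals -notcontains $rule.IdentityReference.Value) { continue }
        # Inherited rules count too: C:\Temp typically inherits them from C:\.
        if (($rule.FileSystemRights -band $writeRights) -ne 0) { $rule }
    }
    [pscustomobject]@{
        Path          = $Path
        Exists        = $true
        WorldWritable = [bool]$offending
        Offending     = @($offending | ForEach-Object {
            "$($_.IdentityReference): $($_.FileSystemRights) (inherited=$($_.IsInherited))"
        })
    }
}

function New-PrivateStagingFolder {
    # Default to the caller's own temp, not a machine-wide folder (assumption).
    param([string] $Parent = $env:TEMP)

    # Random name so another local user cannot pre-create or guess the path.
    $name = [System.IO.Path]::GetRandomFileName()
    $dir  = New-Item -ItemType Directory -Path (Join-Path $Parent $name)

    $acl = Get-Acl -LiteralPath $dir.FullName
    # Break inheritance and discard the parent's rules instead of copying them.
    $acl.SetAccessRuleProtection($true, $false)

    # Grant the creating account alone; it is also the owner of the folder.
    $me   = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList @(
        $me, 'FullControl', 'ContainerInherit, ObjectInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $dir.FullName -AclObject $acl
    $dir
}

# Usage: audit the folder the cookbook used, then create a safe replacement
# and confirm that only the creator's SID appears in its ACL.
Test-WorldWritableFolder -Path 'C:\Temp' | Format-List
$staging = New-PrivateStagingFolder
(Get-Acl -LiteralPath $staging.FullName).Access |
    Select-Object IdentityReference, FileSystemRights, IsInherited
```

On a default Windows installation a folder created directly under C:\ inherits create-file rights for BUILTIN\Users, which is why the audit deliberately does not skip inherited rules; the hardened function avoids the issue entirely by protecting the ACL before any data is written, so there is no window in which the folder is shared.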
Timeline
- 2021-04-12 – Researcher discovers the vulnerability
- 2021-04-15 – Vendor deprecates the repository
- 2021-05-10 – Vendor assigns CVE-2021-27613
- 2021-05-11 – Vendor publishes the vulnerability
- 2021-06-08 – Researcher publishes advisory
Sick Codes: https://github.com/sickcodes || https://twitter.com/sickcodes
Miklos Zoltan: https://twitter.com/mzb4455 || https://www.privacyaffairs.com/authors/miklos/