SAP Business One Hana (Chef Cookbook) - Insecure Temporary File For Incoming & Outgoing Payroll Data - SAP Business One Chef Cookbook 0.1.9 and below for Microsoft Windows Server 2008.
CVE-2021-27613
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SICK-2021-026
SAP
SAP Business One Hana Chef Cookbook
0.1.9 and below
9.2, 9.3, 10.0
SAP Business One Hana Chef Cookbook 0.1.9 and below use an insecure temporary folder C:\Temp to store incoming and outgoing payroll data. An authenticated local attacker with can manipulate sensitive payroll data given there is unprivileged access to all users on the server by sending and receiving data in an insecure temporary folder.
Vendor: Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability.
Vendor has fixed the vulnerability, published a patch, and deprecated the repository.
<PayrollPathInc>C:\Temp\In</PayrollPathInc>
<PayrollPathOut>C:\Temp\Out</PayrollPathOut>
- 2021-04-12 - Researcher discover vulnerabilities
- 2021-04-15 - Vendor deprecates repository
- 2021-05-10 - Vendor assigns CVE-2021-27613
- 2021-05-11 - Vendor publishes vulnerabilities
- 2021-06-08 - Researcher publishes advisory
https://launchpad.support.sap.com/#/notes/3049755
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655
https://github.com/SAP/business-one-chef-cookbook
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-026.md
https://sick.codes/sick-2021-026
Sick Codes: https://github.com/sickcodes || https://twitter.com/sickcodes
Miklos Zoltan: https://twitter.com/mzb4455 || https://www.privacyaffairs.com/authors/miklos/
https://sick.codes/sick-2021-026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27613