cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-37487,https://securityvulnerability.io/vulnerability/CVE-2023-37487,Security misconfiguration vulnerability in SAP Business One (Service Layer),"SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep knowledge perform certain operation to access unintended data over the network which could lead to high impact on confidentiality with no impact on integrity and availability of the application",SAP,SAP Business One (service Layer),5.3,MEDIUM,0.0006200000061653554,false,false,false,false,,false,false,2023-08-08T01:15:00.000Z,0
CVE-2018-2502,https://securityvulnerability.io/vulnerability/CVE-2018-2502,,"TRACE method is enabled in SAP Business One Service Layer . Attacker can use XST (Cross Site Tracing) attack if frontend applications that are using Service Layer has a XSS vulnerability. This has been fixed in SAP Business One Service Layer (B1_ON_HANA, versions 9.2, 9.3).",SAP,SAP Business One Service Layer (b1 On Hana),6.1,MEDIUM,0.0010499999625608325,false,false,false,false,,false,false,2018-12-11T23:00:00.000Z,0