CVE-2021-38180

SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to Excel (CSV injection) due to improper sanitation during the data export. An attacker could thereby execute arbitrary commands on the victim's computer but only if the victim allows to execute macros while opening the file and the security settings of Excel allow for command execution.

CVSS v3 9.8 CRITICAL
CVSS v2.0 9.3 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://launchpad.support.sap.com/#/notes/3079427	Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:business_one:10.0:*:*:*:*:*:*:*

History

19 Oct 2021, 00:47

Type	Values Removed	Values Added
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983 - Vendor Advisory
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3079427 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3079427 - Permissions Required
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 9.3 v3 : 9.8
CPE		cpe:2.3:a:sap:business_one:10.0:::::::*

12 Oct 2021, 15:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-10-12 15:15

Updated : 2024-02-04 22:08

NVD link : CVE-2021-38180

Mitre link : CVE-2021-38180

CVE.ORG link : CVE-2021-38180

JSON object : View

Products Affected

sap

business_one

CWE

CWE-1236

Improper Neutralization of Formula Elements in a CSV File

{"id": "CVE-2021-38180", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2021-10-12T15:15:08.720", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3079427", "tags": ["Permissions Required"], "source": "cna@sap.com"}, {"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-1236"}]}], "descriptions": [{"lang": "en", "value": "SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to Excel (CSV injection) due to improper sanitation during the data export. An attacker could thereby execute arbitrary commands on the victim's computer but only if the victim allows to execute macros while opening the file and the security settings of Excel allow for command execution.\n\n"}, {"lang": "es", "value": "SAP Business One - versi\u00f3n 10.0, permite a un atacante inyectar f\u00f3rmulas cuando se exportan datos a Excel (inyecci\u00f3n CSV) debido a un saneo inapropiado durante la exportaci\u00f3n de datos. Un atacante podr\u00eda as\u00ed ejecutar comandos arbitrarios en el ordenador de la v\u00edctima, pero s\u00f3lo si \u00e9sta permite ejecutar macros mientras abre el archivo y la configuraci\u00f3n de seguridad de Excel permite una ejecuci\u00f3n de comandos"}], "lastModified": "2023-11-07T03:37:23.063", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:business_one:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "391F491C-2DE8-44E5-B054-42F188161C8A"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}