SecurityWeek reports that three new vulnerabilities impacting SAP software have been addressed as part this month’s Security Patch Day. Most severe of the fixed flaws was a critical improper access control bug in the Business One app, tracked as CVE-2023-31403, which could be leveraged to allow read and write access to the SMB shared folder for anonymous users, according to Onapsis.
Source: SC Magazine