CVE-2023-31403 | Improper Access Control vulnerability in SAP Business One product installation
SAP Business One installation, version 10.0, does not perform proper authentication and authorization checks for the SMB shared folder. As a result, any malicious user can read and write to the SMB shared folder. Additionally, the files in the folder can be executed or used by the installation process, leading to considerable impact on confidentiality, integrity and availability.
Conclusion & alert: CVE-2023-31403 is rated Moderate Risk (50.8/100): CVSS Critical severity, with low exploitation likelihood (EPSS 0.44%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2023-31403
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).