CRITICAL🇵🇱 Wersja polska

CVE-2023-40622

CVSS 9.9v3.1pub. 2023-09-12upd. 2024-11-21

SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Sap Businessobjects Business Intelligence

    APP
    Sap
    420430
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-28762CRITICAL9.1ten sam produkt

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with ...

CVE-2023-28765CRITICAL9.8ten sam produkt

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management)...

CVE-2018-2445CRITICAL9.6ten sam produkt

AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate t...

CVE-2025-23192HIGH8.2ten sam produkt

SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store...

CVE-2024-37179HIGH7.7ten sam produkt

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted re...