Remote Code Execution Vulnerability in SAP Business Intelligence
CVE-2014-8666

Currently unrated

Key Information:

Vendor: SAP
Status: Business Intelligence Development Workbench
Vendor: CVE Published:; 6 November 2014

What is CVE-2014-8666?

A vulnerability present in the User & Server configuration and InfoView refresh components of SAP Business Intelligence enables remote attackers to exploit unspecified vectors. This security flaw allows unauthorized users to access sensitive audit event details, posing a potential risk to the integrity and confidentiality of the system. Organizations using affected versions of SAP Business Intelligence should apply mitigations as recommended by SAP to safeguard against possible exploitation.

References

http://blog.onapsis.com/analyzing-sap-security-notes-octo...

x_refsource_MISC

http://service.sap.com/sap/support/notes/0002011395

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 6, 2014