Information Disclosure Vulnerability in SAP BusinessObjects Business Intelligence Platform
CVE-2019-0333
6.5MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 August 2019
What is CVE-2019-0333?
In SAP BusinessObjects Business Intelligence Platform (Web Intelligence) versions 4.2 and 4.3, an information disclosure vulnerability exists when a client cancels a query. In these scenarios, attackers may exploit the situation to retrieve the entire data set rather than being limited to information allowed by their security profile. This weakness can potentially expose sensitive data, raising significant concerns for organizations relying on this platform for data analytics.
Affected Version(s)
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) < 4.2