CVE-2022-24398

6.5MEDIUM

Key Information:

Vendor: SAP
Status: SAP Business Objects Business Intelligence Platform
Vendor: CVE Published:; 10 March 2022

Summary

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted.

Affected Version(s)

SAP Business Objects Business Intelligence Platform < 420 < 420

SAP Business Objects Business Intelligence Platform < 430 < 430

References

https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/3103424

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 10, 2022
Vulnerability Reserved
Feb 3, 2022