Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management)
CVE-2023-40622
9.9CRITICAL
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 12 September 2023
What is CVE-2023-40622?
A vulnerability exists in the SAP BusinessObjects Business Intelligence Platform, specifically within its Promotion Management feature. Under specific conditions, an authenticated attacker can exploit this flaw to gain access to sensitive information that is normally restricted. This exploitation may lead to a complete compromise of the application, posing severe risks to the confidentiality, integrity, and availability of data.
Affected Version(s)
SAP BusinessObjects Business Intelligence Platform (Promotion Management) 420
SAP BusinessObjects Business Intelligence Platform (Promotion Management) 430