SAP BusinessObject Business Intelligence Launch Pad Vulnerability Could Lead to OS Information Disclosure
CVE-2024-25646

Currently unrated

Key Information:

Vendor: SAP
Vendor: CVE Published:; 9 April 2024

Summary

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application.

References

https://me.sap.com/notes/3421384

https://support.sap.com/en/my-support/knowledge-base/secu...

Timeline

Vulnerability published
Apr 9, 2024