Information Disclosure Vulnerability in SAP BusinessObjects Business Intelligence Platform
CVE-2025-0061

Currently unrated

Key Information:

Vendor: SAP
Vendor: CVE Published:; 14 January 2025

Summary

The SAP BusinessObjects Business Intelligence Platform contains an information disclosure vulnerability that allows an unauthenticated attacker to hijack user sessions over the network. This vulnerability enables attackers to access and alter all application data without requiring user interaction, posing significant risks to data integrity and confidentiality.

References

https://me.sap.com/notes/3474398

https://url.sap/sapsecuritypatchday

Timeline

Vulnerability published
Jan 14, 2025