Vulnerability in SAP BusinessObjects Central Management Console Allows User Impersonation
CVE-2025-0064

8.7HIGH

Key Information:

Vendor: SAP
Status: SAP Businessobjects Business Intelligence Platform (central Management Console)
Vendor: CVE Published:; 11 February 2025

What is CVE-2025-0064?

The Central Management Console of the SAP BusinessObjects Business Intelligence platform presents a vulnerability where an authenticated attacker with administrative privileges can generate or retrieve a secret passphrase. This flaw potentially allows the attacker to impersonate any user within the system, threatening the confidentiality and integrity of user data without affecting system availability. Immediate remediation is advised to prevent unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP BusinessObjects Business Intelligence platform (Central Management Console) ENTERPRISE 430

SAP BusinessObjects Business Intelligence platform (Central Management Console) 2025

References

https://me.sap.com/notes/3525794

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Dec 5, 2024

JSON

SAP

What is CVE-2025-0064?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.