Error Handling Vulnerability in SAP Business Objects Business Intelligence Platform
CVE-2025-23185

4.1MEDIUM

Key Information:

Vendor: SAP
Status: SAP Business Objects Business Intelligence Platform
Vendor: CVE Published:; 11 March 2025

What is CVE-2025-23185?

In SAP Business Objects Business Intelligence Platform, improper error handling can lead to the exposure of technical information through exceptions and stack traces. This vulnerability specifically affects users with administrator-level privileges, as they may gain insights into the application's inner workings. While the integrity and availability of the application remain unaffected, the disclosed data could help an attacker facilitate further exploitation of the system.

Affected Version(s)

SAP Business Objects Business Intelligence Platform ENTERPRISE 430

SAP Business Objects Business Intelligence Platform 2025

SAP Business Objects Business Intelligence Platform 2027

References

https://me.sap.com/notes/3549494

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Jan 13, 2025