Vulnerability in SAP BusinessObjects Business Intelligence Platform
CVE-2025-25245

5.4MEDIUM

Key Information:

Vendor: SAP
Status: SAP Businessobjects Business Intelligence Platform (web Intelligence)
Vendor: CVE Published:; 11 March 2025

What is CVE-2025-25245?

The SAP BusinessObjects Business Intelligence Platform (Web Intelligence) features a deprecated web application endpoint that lacks sufficient security measures. This vulnerability allows attackers to inject malicious URLs into the data sent back to users. While exploitation impacts the confidentiality and integrity of user data in the browser context, the overall availability of the system remains unaffected. It's crucial for users and administrators to address this vulnerability promptly to prevent potential data compromise.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP BusinessObjects Business Intelligence Platform (Web Intelligence) ENTERPRISE 430

SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 2025

References

https://me.sap.com/notes/3557469

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Feb 4, 2025

JSON

SAP