Insecure File Permissions in SAP BusinessObjects Business Intelligence Platform
CVE-2025-31332

6.6MEDIUM

Key Information:

Vendor: SAP
Status: SAP Businessobjects Business Intelligence Platform
Vendor: CVE Published:; 8 April 2025

What is CVE-2025-31332?

An insecure file permissions vulnerability exists in SAP BusinessObjects Business Intelligence Platform, allowing attackers with local system access to modify files. This action could disrupt operational processes and lead to service downtime, ultimately compromising the integrity and availability of the system. It is important to note that this vulnerability does not expose any sensitive data, thereby limiting its potential impact on privacy.

Affected Version(s)

SAP BusinessObjects Business Intelligence Platform ENTERPRISE 430

References

https://me.sap.com/notes/3565751

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Mar 27, 2025