Information Disclosure in SAP Business Objects Application
CVE-2026-44743

3.7LOW

Key Information:

Vendor

SAP

Vendor
CVE Published:
9 June 2026

What is CVE-2026-44743?

The SAP Business Objects application may inadvertently reveal sensitive information when accessed through a specific endpoint by an unauthorized user. This vulnerability allows the extraction of confidential data, potentially exposing it to malicious actors. However, the integrity and availability of the application remain unaffected. Regular updates and security patches are essential to mitigate such risks.

Affected Version(s)

SAP Business Objects ENTERPRISE 430

SAP Business Objects 2025

SAP Business Objects 2027

References

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.