CVE-2023-25616

Code Injection vulnerability in SAP Business Objects Business Intelligence Platform (CMC)

CVSS 9.9 CRITICALEPSS 0.9%CWE-74

In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Productos afectados

SAP · Business Objects Business Intelligence Platform (CMC)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://launchpad.support.sap.com/#/notes/3245526 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html