← volver
CVE-2024-33004

Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices)

CVSS 4.3 MEDIUMEPSS 0.2%CWE-524CWE-922
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on Confidentiality, Integrity and Availability of the application.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Productos afectados
SAP_SE · SAP BusinessObjects Business Intelligence Platform (Webservices)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://me.sap.com/notes/3449093https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html