CVE-2023-25616

Code Injection vulnerability in SAP Business Objects Business Intelligence Platform (CMC)

CVSS 9.9 CRITICALEPSS 0.9%CWE-74

In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Produtos afetados

SAP · Business Objects Business Intelligence Platform (CMC)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://launchpad.support.sap.com/#/notes/3245526 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html