Vulnerabilities > CVE-2023-25616 - Unspecified vulnerability in SAP Business Objects Business Intelligence Platform 420/430

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

sap

NVD

Published: 2023-03-14

Updated: 2024-11-21

Summary

In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Business Objects Business Intelligence Platform 430 SAP Business Objects Business Intelligence Platform 420	2

References

https://launchpad.support.sap.com/#/notes/3245526
https://launchpad.support.sap.com/#/notes/3245526
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html