Vulnerabilities > CVE-2023-39440 - Unspecified vulnerability in SAP Businessobjects Business Intelligence 420

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

high complexity

sap

NVD

Published: 2023-08-08

Updated: 2024-11-21

Summary

In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Businessobjects Business Intelligence 420	1

References

https://me.sap.com/notes/3312586
https://me.sap.com/notes/3312586
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html