Vulnerabilities > SAP > Businessobjects Business Intelligence > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-12 | CVE-2023-40622 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Businessobjects Business Intelligence 420/430 SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. | 9.9 |
| 2023-08-08 | CVE-2023-37490 | Uncontrolled Search Path Element vulnerability in SAP Businessobjects Business Intelligence 420/430 SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. | 9.0 |
| 2023-04-11 | CVE-2023-28765 | Unspecified vulnerability in SAP Businessobjects Business Intelligence 420/430 An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, can get access to lcmbiar file and further decrypt the file. | 9.8 |
| 2018-08-14 | CVE-2018-2445 | Server-Side Request Forgery (SSRF) vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2 AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability. | 9.6 |