Vulnerabilities > SAP > Businessobjects Business Intelligence > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2023-40622 Incorrect Permission Assignment for Critical Resource vulnerability in SAP Businessobjects Business Intelligence 420/430
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted.
network
low complexity
sap CWE-732
critical
9.9
2023-08-08 CVE-2023-37490 Uncontrolled Search Path Element vulnerability in SAP Businessobjects Business Intelligence 420/430
SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process.
low complexity
sap CWE-427
critical
9.0