Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-0022

SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform operations that may completely compromise the application causing a high impact on the confidentiality, integrity, and availability of the application.

Published

2023-01-10T04:15:10.080

Last Modified

2024-11-21T07:36:24.740

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.9 (CRITICAL)

Weaknesses

Type: Primary
CWE-94

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sap	businessobjects_business_intelligence_platform	420	Yes
Application	sap	businessobjects_business_intelligence_platform	430	Yes

References

https://launchpad.support.sap.com/#/notes/3262810 Permissions Required, Vendor Advisory ([email protected])
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory ([email protected])
https://launchpad.support.sap.com/#/notes/3262810 Permissions Required, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)