Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-0061

SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulnerability. Attacker can access and modify all the data of the application.

Published

2025-01-14T01:15:16.500

Last Modified

2025-10-24T19:14:21.880

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.7 (HIGH)

Weaknesses

Type: Secondary
CWE-497

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sap	businessobjects_business_intelligence_platform	420	Yes
Application	sap	businessobjects_business_intelligence_platform	430	Yes
Application	sap	businessobjects_business_intelligence_platform	2025	Yes

References

https://me.sap.com/notes/3474398 Permissions Required ([email protected])
https://url.sap/sapsecuritypatchday Patch ([email protected])