In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sat, 28 Sep 2024 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-200 |
Sat, 28 Sep 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity. | In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity. |
Weaknesses | CWE-312 |
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2023-08-08T00:49:17.862Z
Updated: 2024-10-08T16:25:51.455Z
Reserved: 2023-08-01T21:49:02.688Z
Link: CVE-2023-39440
Vulnrichment
Updated: 2024-08-02T18:10:20.683Z
NVD
Status : Modified
Published: 2023-08-08T01:15:20.100
Modified: 2024-11-21T08:15:25.933
Link: CVE-2023-39440
Redhat
No data.