In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity.
History

Tue, 08 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 28 Sep 2024 22:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Sat, 28 Sep 2024 22:15:00 +0000

Type Values Removed Values Added
Description In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity. In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to have local access to the system. There is no impact on availability and integrity.
Weaknesses CWE-312

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-08-08T00:49:17.862Z

Updated: 2024-10-08T16:25:51.455Z

Reserved: 2023-08-01T21:49:02.688Z

Link: CVE-2023-39440

cve-icon Vulnrichment

Updated: 2024-08-02T18:10:20.683Z

cve-icon NVD

Status : Modified

Published: 2023-08-08T01:15:20.100

Modified: 2024-11-21T08:15:25.933

Link: CVE-2023-39440

cve-icon Redhat

No data.