SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.
History

Sat, 28 Sep 2024 22:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Sat, 28 Sep 2024 22:15:00 +0000

Type Values Removed Values Added
Description SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability. SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.
Weaknesses CWE-732

Thu, 26 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-09-12T02:03:05.907Z

Updated: 2024-09-28T22:11:29.586Z

Reserved: 2023-08-17T18:10:44.965Z

Link: CVE-2023-40622

cve-icon Vulnrichment

Updated: 2024-08-02T18:38:50.992Z

cve-icon NVD

Status : Modified

Published: 2023-09-12T03:15:12.813

Modified: 2024-11-21T08:19:50.443

Link: CVE-2023-40622

cve-icon Redhat

No data.