CVE-2023-25617

🗓️ 14 Mar 2023 04:42:40Reported by sapType

CVE-2023-25617 SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix

Reporter	Title	Published	Views	Family All 18
BDU FSTEC	The vulnerability of the Central Management Console (CMC) of the SAP Business Objects Business Intelligence Platform allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.	17 Mar 202300:00	–	bdu_fstec
Circl	CVE-2023-25617	16 Mar 202313:40	–	circl
CNNVD	SAP Business Objects 操作系统命令注入漏洞	14 Mar 202300:00	–	cnnvd
Cvelist	CVE-2023-25617 OS Command Execution vulnerability in SAP Business Objects Business Intelligence Platform (Adaptive Job Server)	14 Mar 202304:42	–	cvelist
EUVD	EUVD-2023-29557	3 Oct 202520:07	–	euvd
Github Security Blog	SAP Cloud SDK for AI Python has OS Command Injection when Program Objects Execution is Enabled	14 Mar 202306:30	–	github
NCSC	Vulnerabilities fixed in SAP products	14 Mar 202300:00	–	ncsc
NVD	CVE-2023-25617	14 Mar 202305:15	–	nvd
OSV	CVE-2023-25617	14 Mar 202305:15	–	osv
OSV	GHSA-XXHH-59GH-6FFX SAP Cloud SDK for AI Python has OS Command Injection when Program Objects Execution is Enabled	14 Mar 202306:30	–	osv

NVD

Vulners

Node

sap business_objects_business_intelligence_platformMatch420

sap business_objects_business_intelligence_platformMatch430

[
  {
    "defaultStatus": "unaffected",
    "product": "Business Objects (Adaptive Job Server)",
    "vendor": "SAP",
    "versions": [
      {
        "status": "affected",
        "version": "420"
      },
      {
        "status": "affected",
        "version": "430"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

17 Jun 2026 05:41Current

8.9High risk

Vulners AI Score8.9

CVSS 3.18.8 - 9

EPSS0.00926

SSVC

CWE-78