CVE-2023-0022 Code Injection vulnerability in SAP BusinessObjects Business Intelligence platform (Analysis edition for OLAP)

🗓️ 10 Jan 2023 03:25:36Reported by sapType

Code Injection vulnerability in SAP BusinessObjects BI Analysi

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the SAP BusinessObjects Business Intelligence platform lies in its ability to allow the insertion of code or data, enabling attackers to gain full access to the application.	11 Jan 202300:00	–	bdu_fstec
Circl	CVE-2023-0022	10 Jan 202307:28	–	circl
CNNVD	SAP BusinessObjects Analysis(Edition For Olap) 代码注入漏洞	10 Jan 202300:00	–	cnnvd
CNVD	SAP BusinessObjects Analysis (Edition For Olap) Code Injection Vulnerability	12 Jan 202300:00	–	cnvd
CVE	CVE-2023-0022	10 Jan 202303:25	–	cve
EUVD	EUVD-2023-12127	3 Oct 202520:07	–	euvd
NVD	CVE-2023-0022	10 Jan 202304:15	–	nvd
OSV	CVE-2023-0022	10 Jan 202304:15	–	osv
Prion	Code injection	10 Jan 202304:15	–	prion
Positive Technologies	PT-2023-1013 · Sap · Sap Businessobjects Business Intelligence Analysis Edition For Olap	9 Jan 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "packageName": "SAP BusinessObjects Business Intelligence platform (Analysis edition for OLAP)",
    "product": "BusinessObjects Business Intelligence platform (Analysis edition for OLAP)",
    "vendor": "SAP",
    "versions": [
      {
        "status": "affected",
        "version": "420"
      },
      {
        "status": "affected",
        "version": "430"
      }
    ]
  }
]

Source	Link
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
launchpad	www.launchpad.support.sap.com/

10 Jan 2023 03:25Current

9.5High risk

Vulners AI Score9.5

CVSS 3.19.9

EPSS0.00743

CWE-94