EUVD-2023-31630

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Attacker can control malicious BOE server in SAP BusinessObjects, impacting application availability.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2023-27896	27 Feb 202518:27	–	circl
CNNVD	SAP BusinessObjects Business Intelligence Platform 代码问题漏洞	14 Mar 202300:00	–	cnnvd
CVE	CVE-2023-27896	14 Mar 202305:02	–	cve
Cvelist	CVE-2023-27896 Server Side Request Forgery (SSRF) in the SAP BusinessObjects Business Intelligence platform	14 Mar 202305:02	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	14 Mar 202300:00	–	ncsc
NVD	CVE-2023-27896	14 Mar 202306:15	–	nvd
OSV	CVE-2023-27896	14 Mar 202306:15	–	osv
Prion	Code injection	14 Mar 202306:15	–	prion
Positive Technologies	PT-2023-21403 · Sap · Sap Businessobjects Business Intelligence Platform	14 Mar 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-27896	23 May 202505:03	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "e639cd5f-10fd-3e3d-930e-cbff4f163a61",
        "vendor": {
          "name": "SAP"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2145cd33-913f-36fc-9f13-71491806f260",
        "product": {
          "name": "BusinessObjects Business Intelligence Platform (Web Services)"
        },
        "product_version": "430"
      },
      {
        "id": "93ec4c1f-fe16-32ed-a969-066966468373",
        "product": {
          "name": "BusinessObjects Business Intelligence Platform (Web Services)"
        },
        "product_version": "420"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

03 Oct 2025 20:07Current

7.5High risk

Vulners AI Score7.5

CVSS 3.16.5 - 7.5

EPSS0.00347

SSVC