CVSS3: 8.2 High

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | NONE |
Availability Impact | LOW |

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

EPSS: 0.002 Low (Percentile: 57.1%)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is prior to 4.2 SP9 P9, 4.3 SP2 P5 or 4.3 SP3. It is, therefore, affected by multiple vulnerabilities:

- An unauthenticated, remote attacker can view any data available for a business user and put load on the application affecting availability. (CVE-2022-32245)
- A network-adjacent attacker authenticated as a CMS administrator can, under certain conditions, access the BOE commentary database to retrieve and modify system data. (CVE-2022-32244)

Note that Nessus has not attempted to exploit these issues but has instead relied only on the application’s self-reported version number.

```
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(164072);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/12");

  script_cve_id("CVE-2022-32244", "CVE-2022-32245");
  script_xref(name:"IAVA", value:"2022-A-0311");
  script_xref(name:"IAVA", value:"2022-A-0406");
  script_xref(name:"IAVA", value:"2023-A-0241");

  script_name(english:"SAP BusinessObjects Business Intelligence Platform 4.2 < 4.2 SP9 P9 / 4.3 < 4.3 SP2 P5 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is prior to
4.2 SP9 P9, 4.3 SP2 P5 or 4.3 SP3. It is, therefore, affected by multiple vulnerabilities vulnerabilities:
- An unauthenticated, remote attacker can view any data available for a business user and put load on the
application affecting availability. (CVE-2022-32245)
- An network adjacent attacker authenticated as a CMS administrator can, under certain conditions, access
the BOE commentary database to retrieve and modify system data. (CVE-2022-32244)
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's
self-reported version number.");
  # https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?18f404d5");
  script_set_attribute(attribute:"see_also", value:"https://launchpad.support.sap.com/#/notes/3210823");
  script_set_attribute(attribute:"see_also", value:"https://launchpad.support.sap.com/#/notes/3213524");
  script_set_attribute(attribute:"solution", value:
"See vendor advisories.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-32245");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/08/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/08/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/08/11");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:sap:businessobjects_business_intelligence_platform");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("sap_business_objects_intelligence_platform_win_installed.nbin");
  script_require_keys("installed_sw/SAP BusinessObjects Business Intelligence Platform", "SMB/Registry/Enumerated");

  exit(0);
}

include('vcf.inc');

get_kb_item_or_exit('SMB/Registry/Enumerated');

app_info = vcf::get_app_info(app:'SAP BusinessObjects Business Intelligence Platform', win_local:TRUE);

# https://launchpad.support.sap.com/#/notes/0001602088 for translations
constraints = [
  { 'min_version': '14.2', 'fixed_version' : '14.2.9.4302', 'fixed_display': '4.2 SP009 000900'},
  { 'min_version': '14.3', 'fixed_version' : '14.3.2.4304', 'fixed_display': '4.3 SP002 000500 / 4.3 SP003 000000'}
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
```

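
As an added example (not Tenable's code), the version-range check expressed by the `constraints` list above can be reproduced offline in Python to re-check an exported software inventory. It assumes `min_version` is inclusive and `fixed_version` is exclusive; the function names, hostnames and build numbers in `SAMPLE` are constructed for illustration.

```python
from itertools import zip_longest

# (min_version, fixed_version, fixed_display) copied from the plugin's constraints.
CONSTRAINTS = [
    ("14.2", "14.2.9.4302", "4.2 SP009 000900"),
    ("14.3", "14.3.2.4304", "4.3 SP002 000500 / 4.3 SP003 000000"),
]

def parse(version):
    """'14.2.9.4302' -> (14, 2, 9, 4302); reject non-numeric segments."""
    parts = version.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(p) for p in parts)

def compare(a, b):
    """Segment-wise numeric compare; the shorter version is zero-padded."""
    for x, y in zip_longest(parse(a), parse(b), fillvalue=0):
        if x != y:
            return -1 if x < y else 1
    return 0

def required_fix(version):
    """Return the fixed_display level if `version` is affected, else None.
    Assumption: min_version is inclusive, fixed_version is exclusive."""
    for min_v, fixed_v, display in CONSTRAINTS:
        if compare(version, min_v) >= 0 and compare(version, fixed_v) < 0:
            return display
    return None

def triage(inventory):
    """host -> fix level for affected hosts, 'unknown' for unreadable versions."""
    findings = {}
    for host, version in inventory.items():
        try:
            fix = required_fix(version)
        except ValueError:
            fix = "unknown"  # never treat an unreadable version as patched
        if fix:
            findings[host] = fix
    return findings

# Constructed sample inventory: hostnames and build numbers are made up.
SAMPLE = {"bi-01": "14.2.8.3671", "bi-02": "14.2.9.4302", "bi-03": "14.3.2.4000",
          "bi-04": "14.3.3.4500", "bi-05": "14.3.x"}

if __name__ == "__main__":
    for host, fix in sorted(triage(SAMPLE).items()):
        print(f"{host}: needs {fix}")
```

Because the result depends entirely on the self-reported version string, hosts whose version cannot be parsed are reported as `unknown` rather than silently passed.
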
Vendor | Product | Version | CPE |
---|---|---|---|
sap | businessobjects_business_intelligence_platform | | cpe:/a:sap:businessobjects_business_intelligence_platform |