Lucene search
K

SAP BusinessObjects Business Intelligence Platform Deserialization (3617142)

🗓️ 28 Oct 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 2 Views

SAP BusinessObjects BI Platform deserialization flaw via Apache POI in OOXML; versions affected.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: There is a vulnerability in poi-ooxml-5.3.0.jarused by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-31672)
26 Jun 202505:44
ibm
IBM Security Bulletins
Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple vulnerabilities
31 Jul 202514:21
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in Apache POI library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2025-31672)
17 Jun 202509:26
ibm
IBM Security Bulletins
Security Bulletin: IBM Operational Decision Manager for March 2026 - Multiple CVEs addressed
26 Mar 202606:10
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in Apache affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
11 Aug 202517:42
ibm
IBM Security Bulletins
Security Bulletin: IBM InfoSphere Information Server is affected by an improper input validation vulnerability in Apache POI (CVE-2025-31672)
29 Sep 202520:55
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (August 2025 - Part 1 of 2)
2 Sep 202518:13
ibm
IBM Security Bulletins
Security Bulletin: Common vulnerabilities addressed in Cloudera Observability 3.6.2
9 Mar 202617:07
ibm
IBM Security Bulletins
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by potential data integrity and denial of service due to Apache POI
6 Apr 202614:33
ibm
IBM Security Bulletins
Security Bulletin: IBM SPSS Modeler is affected by vulnerabilities in Apache POI and Apache Commons Lang
10 Jun 202617:54
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(271808);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/28");

  script_cve_id("CVE-2025-31672");
  script_xref(name:"IAVA", value:"2025-A-0739");

  script_name(english:"SAP BusinessObjects Business Intelligence Platform Deserialization (3617142)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of SAP BusinessObjects Business Intelligence Platform installed on the remote host is prior to 2025 SP000
000500, 4.3 SP004 001400, or 4.3 SP005 000200. It is, therefore, affected by a vulnerability as referenced in the 3617142
advisory. 

  - Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format 
    files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for 
    malicious users to add zip entries with duplicate names (including the path) in the zip. In this case, 
    products reading the affected file could read different data because 1 of the zip entries with the 
    duplicate name is selected over another but different products may choose a different zip entry. 
    (CVE-2025-31672)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://launchpad.support.sap.com/#/notes/3617142");
  script_set_attribute(attribute:"solution", value:
"Upgrade to SAP BusinessObjects Business Intelligence Platform version 2027 SP000 000000 / 2025 SP000 000200 / 4.3 SP004
001300 / 4.3 SP005 000000 or later.");
  script_set_attribute(attribute:"agent", value:"windows");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-31672");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/09/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/09/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/28");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:sap:businessobjects_business_intelligence_platform");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("sap_business_objects_intelligence_platform_win_installed.nbin");
  script_require_keys("SMB/Registry/Enumerated", "installed_sw/SAP BusinessObjects Business Intelligence Platform");

  exit(0);
}

include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');

var app_info = vcf::get_app_info(app:'SAP BusinessObjects Business Intelligence Platform', win_local:TRUE);

var constraints = [
  { 'min_version' : '14.3.4', 'fixed_version' : '14.3.4.9999', 'fixed_display' : '4.3 SP004 001400', 'require_paranoia': TRUE},
  { 'min_version' : '14.3.5', 'fixed_version' : '14.3.5.9999', 'fixed_display' : '4.3 SP005 000200', 'require_paranoia': TRUE},
  { 'min_version' : '15.0.0', 'fixed_version' : '15.0.0.9999', 'fixed_display' : '2025 SP000 000500', 'require_paranoia': TRUE}
];

vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_WARNING
);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

28 Oct 2025 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 3.15.3
EPSS0.01286
SSVC
2