Lucene search
HistoryAug 13, 2024 - 4:15 a.m.
CVE-2024-28166
sap businessobjects business intelligence
authenticated attacker
upload malicious code
network
execution
low impact
integrity
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0
Percentile
14.7%
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload malicious code over the
network, that could be executed by the application. On successful
exploitation, the attacker can cause a low impact on the Integrity of the
application.
Affected configurations
Node
sapbusiness_objects_business_intelligence_platformMatch430
ORsapbusiness_objects_business_intelligence_platformMatch440
ORsapbusiness_objects_business_intelligence_platformMatchenterprise_420
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sap | business_objects_business_intelligence_platform | 430 | cpe:2.3:a:sap:business_objects_business_intelligence_platform:430:*:*:*:*:*:*:* |
| sap | business_objects_business_intelligence_platform | 440 | cpe:2.3:a:sap:business_objects_business_intelligence_platform:440:*:*:*:*:*:*:* |
| sap | business_objects_business_intelligence_platform | enterprise_420 | cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_420:*:*:*:*:*:*:* |
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0
Percentile
14.7%
Related for NVD:CVE-2024-28166