Lucene search
HistoryAug 13, 2024 - 4:15 a.m.
CVE-2024-41731
sap businessobjects
authenticated attacker
upload
malicious code
network
execution
application security
exploitation
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0
Percentile
14.7%
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload malicious code over the
network, that could be executed by the application. On successful exploitation,
the attacker can cause a low impact on the Integrity of the application.
Affected configurations
Node
sapbusiness_objects_business_intelligence_platformMatch430
ORsapbusiness_objects_business_intelligence_platformMatch440
ORsapbusiness_objects_business_intelligence_platformMatchenterprise_420
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sap | business_objects_business_intelligence_platform | 430 | cpe:2.3:a:sap:business_objects_business_intelligence_platform:430:*:*:*:*:*:*:* |
| sap | business_objects_business_intelligence_platform | 440 | cpe:2.3:a:sap:business_objects_business_intelligence_platform:440:*:*:*:*:*:*:* |
| sap | business_objects_business_intelligence_platform | enterprise_420 | cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_420:*:*:*:*:*:*:* |
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0
Percentile
14.7%
Related for NVD:CVE-2024-41731