CVE-2026-44755 Email Spoofing vulnerability in SAP Business Objects Business Intelligence Platform

SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.This vulnerability has a low impact on integrity and does not affect the confidentiality and availability of th...

CVE-2026-44755

CVE-2026-44755 affects SAP Business Objects Business Intelligence Platform. The issue arises from insufficient validation of email sending parameters by authenticated users, enabling email spoofing. Impact is described as low for integrity and no impact on confidentiality or availability (CVSS v3...

PT-2026-39917

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several SAP products, including SAP Supplier Relationship Management, SAP BusinessObjects Business Intelligence Platform, SAP NetWeaver Application Server Java and ABAP, SAP Landscape Transformation, SAP Business Planning and Consolidation, SAP Business Warehouse,...

CVE-2026-24318

The CVE concerns SAP Business Objects BI Platform. An insecure session management flaw could allow an unauthenticated attacker to obtain valid session tokens and reuse them to access or modify data within a victim’s session scope, impacting confidentiality and integrity (availability unchanged). ...

SAP Business Objects Business Intelligence Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a set of business intelligence software and enterprise performance solutions provided by the German company SAP. This product includes features such as report generation, analysis, and data visualization. There is a security vulnerability in...

CVE-2026-0490

SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a high impact on the availability but no impact on th...

CVE-2026-0485 Denial of service (DOS) vulnerability in SAP BusinessObjects BI Platform

SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server CMS to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, renderin...

CVE-2026-0485

The CVE-2026-0485 entry relates to SAP BusinessObjects BI Platform where an unauthenticated attacker can send specially crafted requests that cause the Content Management Server (CMS) to crash and restart, leading to persistent unavailability. The impact is strictly on availability with confident...

SAP BusinessObjects Business Intelligence Platform 输入验证错误漏洞

The SAP BusinessObjects Business Intelligence Platform is a comprehensive business analytics platform developed by the German company SAP. This platform integrates market-leading SAP data integration products, data management products, and business intelligence BI solutions. It eliminates...

CVE-2025-42988

Under certain conditions, SAP Business Objects Business Intelligence Platform allows an unauthenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. This disclosure of information could further enable the researcher to cause SSRF. It has no...

SAP Business Objects Business Intelligence Platform 代码问题漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. A code issue vulnerability exists in SAP Business Objects Business...

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP Financial Consolidation, SAP Landscape Transformation, SAP NetWeaver Application Server ABAP, SAP Commerce Cloud, SAP ERP BW, SAP BusinessObjects Business Intelligence Platform, SAP KMC WPC, SAP Solution Manager, SAP S4CORE, and SAP...

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence Platform allows a hacker to modify arbitrary files and cause service interruptions.

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence Platform is related to errors in inherited permissions. Exploiting this vulnerability could allow attackers to modify arbitrary files and cause service failures...

SAP BusinessObjects Business Intelligence Platform 安全漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

SAP Business Objects Business Intelligence Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. An information disclosure vulnerability exists in SAP Business Objects Business Intelligence Platform, which stems from the application's inadequate...

PT-2025-6127 · Sap · Sap Businessobjects Bi Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Platform BI Launchpad affected versions not specified Description: The issue arises from insufficient handling of user input, resulting in a Cross-Site Scripting XSS vulnerability. This allows an unauthenticated attacker t...

CVE-2022-41267

SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrit...

CVE-2024-41731

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application...

PT-2023-28363 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP Business Objects Business Intelligence Platform affected versions not specified Description: The issue allows an attacker to upload agnostic documents in the system, which when opened by any other user, could lead to a high impact on the...