4 matches found
CVE-2026-0485
SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server CMS to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, renderin...
CVE-2023-40622
SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application...
CVE-2023-28765
CVE-2023-28765 concerns SAP BusinessObjects Business Intelligence Platform (Promotion Management) prior to patch versions; specifically 420 and 430. The root cause involves handling of the internal file lcmbiar , enabling a basic-privilege attacker to access and decrypt the file, potentially expo...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in SAP products. An authentication check was missing in SAP Solution Manager. The vulnerabilities in SAP BusinessObjects Business Intelligence Platform were not explained further. SAP has released updates to fix the vulnerabilities. More information can be found on...