Business Planning And Consolidation Security Vulnerabilities and Issues — Business Planning And Consolidation CVE List

Lucene search

SapBusiness Planning And Consolidation

3 matches found

CVE•added 2023/01/10 4:15 a.m.•57 views

CVE-2023-0016

SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database.

9.9CVSS9AI score0.00175EPSS

CVE•added 2023/05/09 2:15 a.m.•56 views

CVE-2023-31407

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

5.4CVSS5.3AI score0.00305EPSS

CVE•added 2023/02/14 4:15 a.m.•45 views

CVE-2023-23851

SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including web pages) without the proper file format validation. If other users visit the uploaded malicious web page, the attacker may perform actions on behalf of the us...

5.4CVSS5.5AI score0.00156EPSS