HIGH🇬🇧 English

CVE-2022-28214

CVSS 7.8v3.1pub. 2022-05-11upd. 2024-11-21

During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Availability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Sap Businessobjects

    APP
    Sap
    420430
  • Sap Businessobjects Business Intelligence

    APP
    Sap
    420430
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-40622CRITICAL9.9ten sam produkt

SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain c...

CVE-2023-28762CRITICAL9.1ten sam produkt

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with ...

CVE-2023-28765CRITICAL9.8ten sam produkt

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management)...

CVE-2019-0259CRITICAL9.8ten sam produkt

SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (includin...

CVE-2018-2445CRITICAL9.6ten sam produkt

AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate t...

CVE-2022-28214 — HIGH 7.8 | CVEbaza.pl