CRITICAL🇵🇱 Wersja polska

CVE-2023-0022

CVSS 9.9v3.1pub. 2023-01-10upd. 2024-11-21

SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform operations that may completely compromise the application causing a high impact on the confidentiality, integrity, and availability of the application.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Sap Businessobjects Business Intelligence Platform

    APP
    Sap
    420430
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-0018CRITICAL10.0ten sam produkt

Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platf...

CVE-2020-26831CRITICAL9.6ten sam produkt

SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate upl...

CVE-2020-6294CRITICAL9.1ten sam produkt

Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not pe...

CVE-2020-6242CRITICAL9.8ten sam produkt

SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, all...

CVE-2020-6195CRITICAL9.8ten sam produkt

SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext password in the r...