CVE-2023-37489

Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or integrity.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:businessobjects_business_intelligence:430:*:*:*:*:*:*:*

History

14 Sep 2023, 02:07

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
References (MISC) https://me.sap.com/notes/3352453 - (MISC) https://me.sap.com/notes/3352453 - Permissions Required
References (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory
First Time Sap
Sap businessobjects Business Intelligence
CPE cpe:2.3:a:sap:businessobjects_business_intelligence:430:*:*:*:*:*:*:*

12 Sep 2023, 11:52

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-12 02:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-37489

Mitre link : CVE-2023-37489

CVE.ORG link : CVE-2023-37489


JSON object : View

Products Affected

sap

  • businessobjects_business_intelligence
CWE
CWE-209

Generation of Error Message Containing Sensitive Information