VDB
CISA-2023-25616
CISA-2023-25616
PUBLISHED
CVSS 9.9 CRITICAL
Reported by sap · Published March 14, 2023
In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.
Risk Scores
CVSS 3.1
9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP | Business Objects Business Intelligence Platform (CMC) | 420, 430 |
| SAP | Business Objects Business Intelligence Platform (CMC) | 430, 430, 420 |
Timeline
- Mar 14, 2023 CVE Published
- Feb 27, 2025 CVE Updated