VDB

CVE-2022-35169

CVE-2022-35169 PUBLISHED CVSS 6 MEDIUM

SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application.

EPSS 0.43% · 62.8th percentile

Risk Scores

CVSS v3.1
6
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
EPSS Score
0.43%
62.8th percentile

Affected Products

VendorProductVersions
SAP SESAP BusinessObjects Business Intelligence Platform (LCM)420, 430
sapbusinessobjects_business_intelligence_platform420, 430

Timeline

  • Jul 12, 2022 CVE Published
  • Jul 13, 2022 EPSS Score
  • Aug 30, 2022 EPSS Score
  • Oct 16, 2022 EPSS Score
  • Dec 2, 2022 EPSS Score
  • Jan 18, 2023 EPSS Score
  • Mar 6, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 22, 2023 EPSS Score
  • Jun 8, 2023 EPSS Score
  • Jul 25, 2023 EPSS Score
  • Sep 10, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›