CVE-2022-35169 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-35169 PUBLISHED CVSS 6 MEDIUM

SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application.

EPSS 0.43% · 62.3th percentile

Risk Scores

CVSS v3.1

6

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

EPSS Score

0.43%

62.3th percentile

Affected Products

Vendor	Product	Versions
SAP SE	SAP BusinessObjects Business Intelligence Platform (LCM)	420, 430
sap	businessobjects_business_intelligence_platform	420, 430

Timeline

Jul 12, 2022 CVE Published
Jul 13, 2022 EPSS Score
Aug 30, 2022 EPSS Score
Oct 15, 2022 EPSS Score
Dec 1, 2022 EPSS Score
Jan 16, 2023 EPSS Score
Mar 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 19, 2023 EPSS Score
Jun 5, 2023 EPSS Score
Jul 21, 2023 EPSS Score
Sep 6, 2023 EPSS Score

References

Open in Interactive Console →