SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3320355 | Permissions Required |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2023-09-12T02:03:05.907Z
Updated: 2023-09-12T02:03:05.907Z
Reserved: 2023-08-17T18:10:44.965Z
Link: CVE-2023-40622
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T03:15:12.813
Modified: 2023-09-13T14:45:47.617
Link: CVE-2023-40622
JSON object: View
Redhat Information
No data.
CWE