Privilege Escalation and Unauthorized Access in SAP BusinessObjects Business Intelligence Platform
CVE-2023-31404 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could let them access data sources which would otherwise be restricted.
Learn more about our User Device Pen Test.