Privilege Escalation and Unauthorized Access in SAP BusinessObjects Business Intelligence Platform

Privilege Escalation and Unauthorized Access in SAP BusinessObjects Business Intelligence Platform

CVE-2023-31404 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could let them access data sources which would otherwise be restricted.

Learn more about our User Device Pen Test.