SAP BusinessObjects Business Intelligence Platform (Promotion Management) - Information Disclosure Vulnerability

SAP BusinessObjects Business Intelligence Platform (Promotion Management) - Information Disclosure Vulnerability

CVE-2023-40622 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.

Learn more about our Web Application Penetration Testing UK.