SAP BusinessObjects Suite Installer Directory Traversal Vulnerability

SAP BusinessObjects Suite Installer Directory Traversal Vulnerability

CVE-2023-40623 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited impact on integrity and completely compromising the availability of the system.

Learn more about our Network Penetration Testing.