Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-25616

Опубликовано: 14 мар. 2023
Источник: nvd
CVSS3: 9.9
CVSS3: 8.8
EPSS Низкий

Описание

In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:business_objects_business_intelligence_platform:420:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_objects_business_intelligence_platform:430:*:*:*:*:*:*:*

EPSS

Процентиль: 70%
0.00637
Низкий

9.9 Critical

CVSS3

8.8 High

CVSS3

Дефекты

CWE-74
CWE-74

Связанные уязвимости

github логотип

GHSA-xgfr-99g3-7x24

CVSS3: 8.8
github
почти 3 года назад

In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.

fstec логотип

BDU:2023-01288

CVSS3: 9.9
fstec
почти 3 года назад

Уязвимость консоли Central Management Console (CMC) платформы бизнес-аналитики SAP Business Objects Business Intelligence Platform, позволяющая нарушителю выполнить произвольный код и получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 70%
0.00637
Низкий

9.9 Critical

CVSS3

8.8 High

CVSS3

Дефекты

CWE-74
CWE-74