CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-32246

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.0%

CVSS Severity

CVSS v3 Score 4.6

CVSS v2 Score 4.9

References

https://launchpad.support.sap.com/#/notes/3203079
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://launchpad.support.sap.com/#/notes/3203079
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2022-32246

Sap » Business Objects Business Intelligence Platform » Version: 420

cpe:2.3:a:sap:business_objects_business_intelligence_platform:420
Sap » Business Objects Business Intelligence Platform » Version: 430

cpe:2.3:a:sap:business_objects_business_intelligence_platform:430

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-32246

Products

Pricing

Contact Us