CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28762

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user over the network without any user interaction. The attacker can impersonate any user on the platform resulting into accessing and modifying data. The attacker can also make the system partially or entirely unavailable.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.5%

CVSS Severity

CVSS v3 Score 9.1

References

https://launchpad.support.sap.com/#/notes/3307833
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://launchpad.support.sap.com/#/notes/3307833
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2023-28762

Sap » Businessobjects Business Intelligence » Version: 420

cpe:2.3:a:sap:businessobjects_business_intelligence:420
Sap » Businessobjects Business Intelligence » Version: 430

cpe:2.3:a:sap:businessobjects_business_intelligence:430

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28762

Products

Pricing

Contact Us