CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28765

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user, the attacker can perform operations that can completely compromise the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.101

EPSS Ranking 92.7%

CVSS Severity

CVSS v3 Score 9.8

References

https://launchpad.support.sap.com/#/notes/3298961
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://launchpad.support.sap.com/#/notes/3298961
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2023-28765

Sap » Businessobjects Business Intelligence » Version: 420

cpe:2.3:a:sap:businessobjects_business_intelligence:420
Sap » Businessobjects Business Intelligence » Version: 430

cpe:2.3:a:sap:businessobjects_business_intelligence:430

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28765

Products

Pricing

Contact Us