CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-25646

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.5%

CVSS Severity

CVSS v3 Score 7.7

References

https://me.sap.com/notes/3421384
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364
https://me.sap.com/notes/3421384
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364

Products affected by CVE-2024-25646

Sap » Businessobjects Web Intelligence » Version: 420

cpe:2.3:a:sap:businessobjects_web_intelligence:420
Sap » Businessobjects Web Intelligence » Version: 430

cpe:2.3:a:sap:businessobjects_web_intelligence:430
Sap » Businessobjects Web Intelligence » Version: 440

cpe:2.3:a:sap:businessobjects_web_intelligence:440

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-25646

Products

Pricing

Contact Us