Vulnerability Details CVE-2026-0485
SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, rendering the CMS completely unavailable. Successful exploitation results in a high impact on availability, while confidentiality and integrity remain unaffected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-0485
-
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:2025
-
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:2027
-
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:430