CVE-2021-40497

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Analysis (edition for OLAP) versions 420, 430

Description The issue allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.

Recommendations For SAP BusinessObjects Analysis (edition for OLAP) versions 420, 430, consider restricting access to the exposed application endpoints to minimize the risk of exploitation. As a temporary workaround, consider disabling the affected endpoints until a patch is available. Avoid using the affected application endpoints over the network until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.