PT-2022-21175 · Sap Se+1 · Sap Businessobjects Business Intelligence Platform+1
Published
2022-09-13
·
Updated
2022-09-20
·
CVE-2022-32244
CVSS v3.1
5.2
Medium
| Vector | AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
No specific software or versions mentioned.
Description
The issue allows an attacker with high privilege access and authenticated as a CMS administrator to access and modify system data in the BOE Commentary database. This can be done under certain conditions and requires access to the same physical or logical network, which would otherwise restrict this information. The impact on confidentiality is low, but the impact on the integrity of the application is high.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Businessobjects Business Intelligence Platform
Sap Businessobjects Business Intelligence