CVE-2022-41206

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) versions 420, 430

Description The issue allows an authenticated attacker to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there could be a limited impact on confidentiality and integrity of the application.

Recommendations For versions 420 and 430, consider restricting access to the Central Management Console to minimize the risk of exploitation, and avoid creating or editing OLAP connections with user-controlled inputs until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.