PT-2022-25778 · Sap · Sap Businessobjects Bi Platform

Published: 2022-12-13 · Updated: 2022-12-15 · CVE-2022-41267

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SAP Business Objects Platform versions 420 and 430

Description: The issue allows an attacker with normal BI user privileges to upload or replace any file on the Business Objects server at the operating system level. This enables the attacker to take full control of the system, causing a high impact on the confidentiality, integrity, and availability of the application.

Recommendations: For SAP Business Objects Platform versions 420 and 430, update to a version that fixes this issue to prevent attackers from uploading or replacing files on the server. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2022-41267

Affected Products

Sap Businessobjects Bi Platform