CVE-2022-32245

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence Platform (Open Document) versions 420 through 430

Description The issue is related to information disclosure. It allows a remote attacker to gain unauthorized access to protected information. On successful exploitation, the attacker can view any data available for a business user and put a load on the application by an automated attack, completely compromising confidentiality but causing a limited impact on the availability of the application.

Recommendations For versions 420 through 430, consider restricting access to sensitive information and implementing additional security measures to prevent unauthorized access until a patch is available. As a temporary workaround, consider disabling the feature that allows retrieval of sensitive information in plain text over the network until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.