CVE-2022-35228

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence (affected versions not specified)

Description The issue is related to a component of the SAP BusinessObjects Business Intelligence platform, specifically the Central Management Console (CMC), and involves a cross-site request forgery. This could allow a remote attacker to disclose protected information or cause a denial of service. An unauthenticated attacker can retrieve token information over the network, which is normally restricted, by exploiting the application when a legitimate user accesses it and a local compromise occurs, such as through sniffing or social engineering. Successful exploitation can lead to the complete compromise of the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.