CVE-2023-27271

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence Platform (Web Services) versions 420, 430

Description The issue allows an attacker to control a malicious BOE server, forcing the application server to connect to its own admintools. This results in a high impact on availability.

Recommendations For versions 420 and 430, consider restricting access to the admintools to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling the connection to the BOE server until a fix is provided.