PT-2023-27545 · Sap · Sap Business Objects Installer

Published: 2023-09-11 · Updated: 2023-09-13 · CVE-2023-40623

CVSS v3.1: 7.1 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions

SAP BusinessObjects Suite Installer versions 420, 430

Description

The issue allows an attacker within the network to create a directory under a temporary directory and link it to a directory with operating system files. On successful exploitation, the attacker can delete all the operating system files, causing a limited impact on integrity and completely compromising the availability of the system.

Recommendations

For versions 420 and 430, consider restricting access to the temporary directory to prevent an attacker from creating malicious links, and ensure that the system has appropriate backups and security measures in place to mitigate the potential impact of such an attack. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Insecure Operation on Windows Junction

Related Identifiers

CVE-2023-40623

Affected Products

Sap Business Objects Installer