CVE-2023-42474

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Web Intelligence version 420

Description The issue is related to the failure to protect the web page structure, which could allow a remote attacker to gain unauthorized access to protected information by opening a specially crafted malicious link. This could possibly enable an attacker to retrieve sensitive information by sending a malicious link to a user. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For SAP BusinessObjects Web Intelligence version 420, consider disabling the vulnerable URL parameter to minimize the risk of exploitation until a patch is available. Restrict access to sensitive information and avoid using potentially vulnerable links in the affected version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.