CVE-2026-24318

Name of the Vulnerable Software and Affected Versions SAP Business Objects Business Intelligence Platform (affected versions not specified)

Description Insecure session management allows an unauthenticated attacker to obtain and reuse valid session tokens to gain unauthorized access to a victim's session. If the application accepts previously issued tokens after authentication, the attacker can assume the victim's authenticated context to access or modify information within the session scope, impacting confidentiality and integrity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.