CVE-2023-40622

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Sep 12, 2023

Updated: Sep 13, 2023

CWE ID 200

Summary

CVE-2023-40622 is a vulnerability affecting SAP BusinessObjects Business Intelligence Platform's Promotion Management module, specifically versions 420 and 430. Under certain conditions, this issue enables authenticated attackers to access sensitive information that is normally restricted, potentially leading to a complete compromise of the application. The consequences of exploitation are significant, as it can negatively impact confidentiality, integrity, and availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP Business Objects Business Intelligence

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sYR5rh
https://www.cve.org/CVERecord?id=CVE-2023-40622
https://nvd.nist.gov/vuln/detail/CVE-2023-40622

Back to Vulnerability Database