CVE-2023-37489

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 12, 2023

Updated: Sep 14, 2023

CWE ID 209

Summary

CVE-2023-37489 is a vulnerability affecting the Version Management System of SAP BusinessObjects Business Intelligence Platform (specifically, version 403). This issue stems from insufficient input validation, which allows unauthenticated users to access code snippets through the user interface. The impact of this vulnerability is limited to confidentiality, as no disruption to the application's availability or integrity occurs.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP Business Objects Business Intelligence

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sqKAB6
https://www.cve.org/CVERecord?id=CVE-2023-37489
https://nvd.nist.gov/vuln/detail/CVE-2023-37489

Back to Vulnerability Database