CVE-2023-40623

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Sep 12, 2023

Updated: Sep 13, 2023

CWE ID 1386

Summary

CVE-2023-40623 is a vulnerability affecting the SAP BusinessObjects Suite Installer versions 420 and 430. An attacker with network access can exploit this issue by creating a directory in a temporary location and linking it to a directory containing operating system files. This allows the attacker to delete critical system files, causing limited impact on data integrity and significant compromise to system availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP BusinessObjects

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sYRPyP
https://www.cve.org/CVERecord?id=CVE-2023-40623
https://nvd.nist.gov/vuln/detail/CVE-2023-40623

Back to Vulnerability Database