Vulnerability in Sap Businessobjects_business_intelligence

CVE-2019-0346

Unencrypted communication error in SAP Business Objects Business Intelligence Platform (Central Management Console), version 4.2, leads to disclosure of list of user names and roles imported from SAP NetWeaver BI systems, resulting in Info…

EPSS: 0.007 (48.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

  • cna@sap.com (x_refsource_MISC, Vendor Advisory)
  • cna@sap.com (Permissions Required, x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2019-0346?
CVE-2019-0346 is a medium-severity vulnerability in Sap Businessobjects_business_intelligence, classified under Cleartext Transmission of Sensitive Information. CVSS score: 6.5/10. Published 2019-08-14.
How severe is CVE-2019-0346?
Medium severity. CVSS v3 base score is 6.5 out of 10.