Vulnerability in Sap Business_objects_business_intelligence_platform
CVE-2022-31596
Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) - version 430, can access BOE Monitoring databa…
EPSS: 0.007 (46.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L.
Affected products
- Sap Business_objects_business_intelligence_platform — versions 430
- Sap Business Objects Platform (Monitoring Db) — versions 430
Weakness classification (CWE)
References
- cna@sap.com (Permissions Required, Vendor Advisory)
- cna@sap.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-31596?
- CVE-2022-31596 is a medium-severity vulnerability in Sap Business_objects_business_intelligence_platform, classified under Exposure of Resource to Wrong Sphere. CVSS score: 6.0/10. Published 2022-12-12.
- How severe is CVE-2022-31596?
- Medium severity. CVSS v3 base score is 6.0 out of 10.