RCE in Sap Businessobjects_business_intelligence_platform

CVE-2023-0022

SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform ope…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.007 (50.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.9 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2023-0022?
CVE-2023-0022 is a critical-severity vulnerability in Sap Businessobjects_business_intelligence_platform, classified under Code Injection. CVSS score: 9.9/10. Published 2023-01-10.
How severe is CVE-2023-0022?
Critical severity. CVSS v3 base score is 9.9 out of 10.