CVE-2023-31404

CVSS V2 None CVSS V3 None

Description

Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could let them access data sources which would otherwise be restricted.

Overview

CVE ID
CVE-2023-31404

Assigner
cna@sap.com

Vulnerability Status
Received

Published Version
2023-05-09T02:15:12

Last Modified Date
2023-05-09T02:15:12

Weakness Enumerations

CWE	URL
CWE-200	http://cwe.mitre.org/data/definitions/200.html

References

Reference URL	Reference Tags
https://launchpad.support.sap.com/#/notes/3038911
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-31404
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31404

History

Created	Old Value	New Value	Data Type	Notes
2023-05-09 03:05:39				Added to TrackCVE
2023-05-09 03:05:42			Weakness Enumeration	new