CVE-2022-41267 - OpenCVE

SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Business Objects Business Intelligence Platform

Configuration 1 [-]

OR	cpe:2.3:a:sap:business_objects_business_intelligence_platform:420:::::::*
	cpe:2.3:a:sap:business_objects_business_intelligence_platform:430:::::::*

No data.

References

Link	Providers
https://launchpad.support.sap.com/#/notes/3239475
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2022-12-13T02:39:12.109Z

Updated: 2024-08-03T12:42:44.072Z

Reserved: 2022-09-21T16:20:14.949Z

Link: CVE-2022-41267

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-12-13T03:15:09.583

Modified: 2022-12-15T15:50:05.717

Link: CVE-2022-41267

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-41267", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "requesterUserId": "048f1e0a-8756-40de-bd1f-51292c7183c7", "dateReserved": "2022-09-21T16:20:14.949Z", "datePublished": "2022-12-13T02:39:12.109Z", "dateUpdated": "2024-08-03T12:42:44.072Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "BusinessObjects Business Intelligence Platform", "vendor": "SAP", "versions": [{"status": "affected", "version": "420"}, {"status": "affected", "version": "430"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application."}], "value": "SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2022-12-13T02:39:12.109Z"}, "references": [{"url": "https://launchpad.support.sap.com/#/notes/3239475"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:42:44.072Z"}, "title": "CVE Program Container", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3239475", "tags": ["x_transferred"]}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:420:*:*:*:*:*:*:*", "matchCriteriaId": "1F7F8064-45BC-4A01-897A-0A2893BBBEC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:430:*:*:*:*:*:*:*", "matchCriteriaId": "6EB0EFA3-8AD2-42F2-86E1-A62ECF8340E3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application."}, {"lang": "es", "value": "SAP Business Objects Platform: versiones 420 y 430, permite a un atacante con privilegios de usuario de BI normal cargar/reemplazar cualquier archivo en el servidor de Business Objects a nivel del sistema operativo, lo que le permite al atacante tomar control total del sistema y causar un alto impacto en confidencialidad, integridad y disponibilidad de la solicitud."}], "id": "CVE-2022-41267", "lastModified": "2022-12-15T15:50:05.717", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "cna@sap.com", "type": "Secondary"}]}, "published": "2022-12-13T03:15:09.583", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/3239475"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "cna@sap.com", "type": "Secondary"}]}