Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could let them access data sources which would otherwise be restricted.
History

Tue, 28 Jan 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-05-09T01:37:04.867Z

Updated: 2025-01-28T19:08:39.306Z

Reserved: 2023-04-27T18:29:50.455Z

Link: CVE-2023-31404

cve-icon Vulnrichment

Updated: 2024-08-02T14:53:30.648Z

cve-icon NVD

Status : Modified

Published: 2023-05-09T02:15:12.537

Modified: 2024-11-21T08:01:47.567

Link: CVE-2023-31404

cve-icon Redhat

No data.