CVE Published: 14/03/2023 |
CVE Updated: 02/08/2024 |
CVE Year: 2023 Source: sap |
Vendor: SAP |
Product: Business Objects Business Intelligence Platform (CMC) Status : PUBLISHED
CVE-2023-25616 Description
In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.
Metrics
CVSS Version: 3.1 |
Base Score: 9.9 CRITICAL Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H