Filtered by vendor Sap Se Subscriptions
Filtered by product Sap Business Objects Business Intgelligence Platform Subscriptions

Search

Switch to Advanced Search (Beta)
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-42907 2 Sap, Sap Se 2 Businessobjects Bi Platform, Sap Business Objects Business Intgelligence Platform 2025-09-24 4.3 Medium
SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system.
CVE-2025-0061 2 Sap, Sap Se 2 Businessobjects Business Intelligence Platform, Sap Business Objects Business Intgelligence Platform 2025-06-17 8.7 High
SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulnerability. Attacker can access and modify all the data of the application.
CVE-2024-33004 1 Sap Se 1 Sap Business Objects Business Intgelligence Platform 2024-11-21 4.3 Medium
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on Confidentiality, Integrity and Availability of the application.
CVE-2024-41730 2 Sap, Sap Se 2 Business Objects Business Intelligence Platform, Sap Business Objects Business Intgelligence Platform 2024-09-12 9.8 Critical
In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability.