CVE-2023-40622 – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management)
https://notcve.org/view.php?id=CVE-2023-40622
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability. SAP BusinessObjects Business Intelligence Platform (Promotion Management): las versiones 420, 430, bajo ciertas condiciones, permiten a un atacante autenticado ver información sensible que de otro modo estaría restringida. En una explotación exitosa, el atacante puede comprometer completamente la aplicación causando un alto impacto en la confidencialidad, integridad y disponibilidad. • https://me.sap.com/notes/3320355 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2023-40623 – Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer)
https://notcve.org/view.php?id=CVE-2023-40623
SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited impact on integrity and completely compromising the availability of the system. SAP BusinessObjects Suite Installer - versión 420, 430, permite a un atacante dentro de la red crear un directorio en un directorio temporal y vincularlo a un directorio con archivos del sistema operativo. En la explotación exitosa, el atacante puede eliminar todos los archivos del sistema operativo causando un impacto limitado en la integridad y comprometiendo completamente la disponibilidad del sistema. • https://me.sap.com/notes/3317702 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVE-2023-37489 – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Version Management System)
https://notcve.org/view.php?id=CVE-2023-37489
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or integrity. Debido a la falta de validación, SAP BusinessObjects Business Intelligence Platform (Version Management System) - versión 403, permite que un usuario no autenticado lea el fragmento de código a través de la interfaz de usuario, lo que conduce a un bajo impacto en la confidencialidad y ningún impacto en la disponibilidad o integridad de la aplicación. • https://me.sap.com/notes/3352453 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-209: Generation of Error Message Containing Sensitive Information •
CVE-2023-37490 – Binary hijack in SAP BusinessObjects Business Intelligence (Installer)
https://notcve.org/view.php?id=CVE-2023-37490
SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the confidentiality, integrity, and availability of the system • https://me.sap.com/notes/3317710 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-427: Uncontrolled Search Path Element •
CVE-2023-36917 – Password Change rate limit bypass in SAP BusinessObjects Business Intelligence Platform
https://notcve.org/view.php?id=CVE-2023-36917
SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force, due to unrestricted rate limit for password change functionality. Although the attack has no impact on integrity loss or system availability, this could lead to an attacker to completely takeover a victim’s account. • https://me.sap.com/notes/3320702 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-307: Improper Restriction of Excessive Authentication Attempts •