CVE-2024-34684
Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Scheduling)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
On Unix, SAP BusinessObjects Business
Intelligence Platform (Scheduling) allows an authenticated attacker with
administrator access on the local server to access the password of a local
account. As a result, an attacker can obtain non-administrative user
credentials, which will allow them to read or modify the remote server files.
En Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) permite que un atacante autenticado con acceso de administrador en el servidor local acceda a la contraseña de una cuenta local. Como resultado, un atacante puede obtener credenciales de usuario no administrativas, que le permitirán leer o modificar los archivos del servidor remoto.
On Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) allows an authenticated attacker with administrator access on the local server to access the password of a local account. As a result, an attacker can obtain non-administrative user credentials, which will allow them to read or modify the remote server files.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-07 CVE Reserved
- 2024-06-11 CVE Published
- 2024-06-11 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://me.sap.com/notes/3441817 | ||
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
SAP SE Search vendor "SAP SE" | SAP BusinessObjects Business Intelligence Platform Search vendor "SAP SE" for product "SAP BusinessObjects Business Intelligence Platform" | 420 Search vendor "SAP SE" for product "SAP BusinessObjects Business Intelligence Platform" and version "420" | en |
Affected
| ||||||
SAP SE Search vendor "SAP SE" | SAP BusinessObjects Business Intelligence Platform Search vendor "SAP SE" for product "SAP BusinessObjects Business Intelligence Platform" | 430 Search vendor "SAP SE" for product "SAP BusinessObjects Business Intelligence Platform" and version "430" | en |
Affected
| ||||||
SAP SE Search vendor "SAP SE" | SAP BusinessObjects Business Intelligence Platform Search vendor "SAP SE" for product "SAP BusinessObjects Business Intelligence Platform" | 440 Search vendor "SAP SE" for product "SAP BusinessObjects Business Intelligence Platform" and version "440" | en |
Affected
|