Severity
6.7MEDIUM
EPSS
0.1%
top 83.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 12
Latest updateMay 24
Description
SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9