CVE-2021-33667
published 2021-07-14CVE-2021-33667: Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source code, through SDK…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | businessobjects_web_intelligence | — | — |
| sap | businessobjects_web_intelligence | — | — |
| sap_se | sap_business_objects_web_intelligence | < 420 | 420 |
| sap_se | sap_business_objects_web_intelligence | < 430 | 430 |