CVE-2024-25646
published 2024-04-09CVE-2024-25646: Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | businessobjects_web_intelligence | — | — |
| sap | businessobjects_web_intelligence | — | — |
| sap | businessobjects_web_intelligence | — | — |
| sap_se | sap_businessobjects_web_intelligence | — | — |
| sap_se | sap_businessobjects_web_intelligence | — | — |
| sap_se | sap_businessobjects_web_intelligence | — | — |