CVE-2024-32732

CWE-4973 documents3 sources

Severity

5.3MEDIUM

EPSS

0.1%

top 71.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SE SAP Businessobjects Business Intelligence Platform SAP Businessobjects Business Intelligence Platform

Timeline

PublishedDec 10

Description

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶NVDsap/businessobjects_business_intelligence_platform2025, 430+1

▶CVEListV5sap_se/sap_businessobjects_business_intelligence_platform2025, ENTERPRISE 430+1

Patches

Patch: url.sap ↗

🔴Vulnerability Details

CVEList

Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence platform↗2024-12-10

▶

GHSA

GHSA-h354-4wqm-8gr9: Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restrict↗2024-12-10

▶