CVE-2025-31332

CWE-2773 documents3 sources
Severity
7.1HIGH
EPSS
0.0%
top 86.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Businessobjects Business Intelligence PlatformSAP Businessobjects Business Intelligence Platform
Timeline
PublishedApr 8

Description

Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this vulnerability does not disclose any sensitive data.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:HExploitability: 1.3 | Impact: 5.2

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-h46p-c4hm-rp47: Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify fi2025-04-08
CVEList
Insecure File permissions vulnerability in SAP BusinessObjects Business Intelligence Platform2025-04-08
CVE-2025-31332 (HIGH CVSS 7.1) | Due to insecure file permissions in | cvebase.io