CVE-2022-22541 Information

Jun 07, 2022 cve

Description

SAP BusinessObjects Business Intelligence Platform - versions 420 430 may allow legitimate users to access information they shouldn’t see through relational or OLAP connections. The main impact is the disclosure of company data to people that shouldn’t or don’t need to have access.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://launchpad.support.sap.com/#/notes/3137191 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

6.5

Share on: