CVE-2023-31404 Information

Description

Under certain conditions SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420 430 allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could let them access data sources which would otherwise be restricted.

Reference

https://launchpad.support.sap.com/#/notes/3038911 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html