CVE-2024-25646 Information

Description

Due to improper validation SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application.

Reference

https://me.sap.com/notes/3421384 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364