CVE-2022-24398: Infoleak
First published: Thu Mar 10 2022(Updated: )
Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Business Objects Business Intelligence Platform | =420 | |
| SAP Business Objects Business Intelligence Platform | =430 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-24398.
What is the title of the vulnerability?
The title of the vulnerability is 'Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420 430 allows an authenticated attacker to access information which would otherwise be restricted.'
What is the severity of CVE-2022-24398?
The severity of CVE-2022-24398 is medium with a severity value of 6.5.
Which versions of SAP Business Objects Business Intelligence Platform are affected by CVE-2022-24398?
Versions 420 and 430 of SAP Business Objects Business Intelligence Platform are affected by CVE-2022-24398.
How do I fix CVE-2022-24398?
To fix CVE-2022-24398, it is recommended to apply the latest security patches and updates provided by SAP.
- collector/nvd-index
- vendor/sap
- canonical/sap business objects business intelligence platform
- version/sap business objects business intelligence platform/420
- version/sap business objects business intelligence platform/430