CVE-2022-35296: Infoleak
First published: Tue Oct 11 2022(Updated: )
Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform (Version Management System) exposes sensitive information to an actor over the network with high privileges that is not explicitly authorized to have access to that information, leading to a high impact on Confidentiality.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP BusinessObjects Business Intelligence | =420 | |
| SAP BusinessObjects Business Intelligence | =430 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-35296.
What is the severity of CVE-2022-35296?
CVE-2022-35296 has a severity level of medium.
Which software versions are affected by CVE-2022-35296?
SAP BusinessObjects Business Intelligence Platform versions 420 and 430 are affected by CVE-2022-35296.
How does CVE-2022-35296 affect the application?
CVE-2022-35296 exposes sensitive information to an unauthorized actor with high privileges, leading to a high impact on confidentiality.
Where can I find more information about CVE-2022-35296?
You can find more information about CVE-2022-35296 at the following references: [1] [2]
- collector/nvd-index
- vendor/sap
- canonical/sap businessobjects business intelligence
- version/sap businessobjects business intelligence/420
- version/sap businessobjects business intelligence/430