First published: Tue May 09 2023(Updated: )
SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names, which may have a low impact on confidentiality and no impact on the integrity and availability of the system.
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP BusinessObjects | =4.20 | |
SAP BusinessObjects | =4.30 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-28764 is a vulnerability in SAP BusinessObjects Platform versions 4.20 and 4.30.
CVE-2023-28764 has a severity rating of medium.
CVE-2023-28764 allows an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names.
CVE-2023-28764 affects versions 4.20 and 4.30 of SAP BusinessObjects Platform.
To fix CVE-2023-28764, it is recommended to apply the necessary patches or updates provided by SAP BusinessObjects Platform.