← back
CVE-2022-35296

CVE-2022-35296

EPSS 0.8%CWE-200
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Oct 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform (Version Management System) exposes sensitive information to an actor over the network with high privileges that is not explicitly authorized to have access to that information, leading to a high impact on Confidentiality.
Affected products
SAP SE · SAP BusinessObjects Business Intelligence Platform (Version Management System)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://launchpad.support.sap.com/#/notes/3233226https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html