Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application.
References
Configurations
No configuration.
History
09 Apr 2024, 12:48
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Apr 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-09 01:15
Updated : 2024-04-09 12:48
NVD link : CVE-2024-25646
Mitre link : CVE-2024-25646
CVE.ORG link : CVE-2024-25646
JSON object : View
Products Affected
No product.
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor