CVE-2022-28214

Summary

During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Availability.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Enterprise (Central Management Server)420affected
SAP SESAP BusinessObjects Enterprise (Central Management Server)430affected

Weaknesses

  • CWE-312: CWE-312

ADP Enrichment

CVE Program Container

Additional References

References