CVE-2022-32246

Summary

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Business Intelligence Platform (Visual Difference Application)420affected
SAP SESAP BusinessObjects Business Intelligence Platform (Visual Difference Application)430affected

Weaknesses

  • CWE-89: CWE-89

ADP Enrichment

CVE Program Container

Additional References

References