CVE-2026-44743

Summary

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP Business ObjectsENTERPRISE 430affected
SAP_SESAP Business Objects2025affected
SAP_SESAP Business Objects2027affected

Weaknesses

  • CWE-497: CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References