Multiple vulnerabilities in SAP BusinessObjects Business Intelligence suite
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2023-37490 CVE-2023-39440 |
| CWE-ID | CWE-1395 CWE-345 CWE-312 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
SAP BusinessObjects Business Intelligence suite Server applications / Other server solutions |
| Vendor | SAP |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Dependency on vulnerable third-party component
EUVDB-ID: #VU79276
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-1395 - Dependency on Vulnerable Third-Party Component
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application uses a vulnerable version of Apache Commons FileUpload. A remote attacker can perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsSAP BusinessObjects Business Intelligence suite: 4.2
External linkshttp://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html?august2023
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Insufficient verification of data authenticity
EUVDB-ID: #VU79275
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-37490
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to missing verification of data authenticity in SAP BusinessObjects Installer application. An attacker with control over the network share from which the application is being installed can replace files in temporary directory with malicious ones and compromise the affected system.
Install updates from vendor's website.
Vulnerable software versionsSAP BusinessObjects Business Intelligence suite: 4.2 - 4.3
External linkshttp://me.sap.com/notes/3317710
http://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cleartext storage of sensitive information
EUVDB-ID: #VU79274
Risk: Low
CVSSv3.1: 2.5 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39440
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to application stores user's credentials in plain text in memory. If a victim logs into a particular program, under certain specific conditions memory might not be cleared up properly. A local user can read memory contents, extract credentials of another user and login to the application.
Install updates from vendor's website.
Vulnerable software versionsSAP BusinessObjects Business Intelligence suite: 4.3
External linkshttp://me.sap.com/notes/3312586
http://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
