CVE-2024-28166

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:business_objects_business_intelligence_platform:430:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_objects_business_intelligence_platform:440:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_420:*:*:*:*:*:*:*

History

10 Dec 2024, 07:15

Type Values Removed Values Added
References
  • () https://me.sap.com/notes/3515653 -

Information

Published : 2024-08-13 04:15

Updated : 2024-12-10 07:15


NVD link : CVE-2024-28166

Mitre link : CVE-2024-28166

CVE.ORG link : CVE-2024-28166


JSON object : View

Products Affected

sap

  • business_objects_business_intelligence_platform
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type