Skip to main content

Business Objects Business Intelligence Platform CVE-2022-41267

HIGH
Unrestricted Upload of File with Dangerous Type (CWE-434)
2022-12-13 cna@sap.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 13, 2022 - 03:15 nvd
HIGH 8.8

DescriptionNVD

SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.

AnalysisAI

SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Unrestricted File Upload (CWE-434), which allows attackers to upload malicious files that can be executed on the server. SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application. Affected products include: Sap Business Objects Business Intelligence Platform.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate file types server-side, store uploads outside webroot, use random filenames, scan for malware.

CVE-2024-41730 CRITICAL
9.8 Aug 13

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an u

CVE-2023-25617 HIGH
8.8 Mar 14

SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, wh

CVE-2023-25616 HIGH
8.8 Mar 14

In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object executio

CVE-2023-42478 HIGH
7.6 Dec 12

SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to upload agnostic

CVE-2022-39013 HIGH
7.6 Oct 11

Under certain conditions an authenticated attacker can get access to OS credentials. Rated high severity (CVSS 7.6), thi

CVE-2022-39015 MEDIUM
6.5 Oct 11

Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be rest

CVE-2022-24398 MEDIUM
6.5 Mar 10

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticate

CVE-2022-31596 MEDIUM
6.0 Dec 12

Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Networ

CVE-2023-23856 MEDIUM
5.4 Feb 14

In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json wit

CVE-2023-0015 MEDIUM
5.4 Jan 10

In SAP BusinessObjects Business Intelligence Platform (Web Intelligence user interface) - version 420, some calls return

CVE-2022-31598 MEDIUM
5.4 Jul 12

Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated attacker to submit a m

CVE-2022-32246 MEDIUM
4.6 Jul 12

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authen

Share

CVE-2022-41267 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy