What the vulnerability does

01Description

Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

Key dates

02Disclosure timeline

July 12, 2022 CVE published
August 3, 2024 Record updated