CVE-2022-32246

CVE-2022-32246

Vendor Sap Se
Product SAP BusinessObjects Business Intelligence Platform (Visual Difference Application)
Weakness CWE-89 · SQLi
Published July 12, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application

Key dates

02Disclosure timeline

July 12, 2022 CVE published
August 3, 2024 Record updated