CVE-2022-35169 - AskarLabs CVE Database

CVE-2022-35169

Vendor Sap Se

Product SAP BusinessObjects Business Intelligence Platform (LCM)

Weakness CWE-200 · Info exposure

Published July 12, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application.

Key dates

02Disclosure timeline

July 12, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-35169 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2024-13562 Import WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory CVE-2025-67732 Dify Vulnerable to Plaintext API Key Exposure via Model Provider Configuration Endpoint CVE-2026-34087 Users API leaks whether privileged users have their user groups disabled for lack of 2FA CVE-2026-32094 Shescape escape() leaves bracket glob expansion active on Bash, BusyBox, and Dash CVE-2018-0425 Cisco RV110W, RV130W, and RV215W Routers Management Interface Information Disclosure Vulnerability

Identifiers

CVE CVE-2022-35169

CWE CWE-200

Affected versions

Vendor Sap Se

Product SAP BusinessObjects Business Intelligence Platform (LCM)

Affected 420

Vendor Sap Se

Product SAP BusinessObjects Business Intelligence Platform (LCM)

Affected 430