CVE-2024-32732 MEDIUM

CVE-2024-32732: Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence platform

Vendor Sap_Se
Product SAP BusinessObjects Business Intelligence platform
Weakness CWE-497
Published December 10, 2024
Last update December 10, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application.

Key dates

02Disclosure timeline

December 10, 2024 CVE published
December 10, 2024 Record updated