← Back to CVEs
CVE-2023-28764
LOW3.7
Description
SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names, which may have a low impact on confidentiality and no impact on the integrity and availability of the system.
CVE Details
CVSS v3.1 Score3.7
SeverityLOW
CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack VectorNETWORK
ComplexityHIGH
Privileges RequiredNONE
User InteractionNONE
Published5/9/2023
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
sap:businessobjects
Weaknesses (CWE)
CWE-522
References
https://i7p.wdf.sap.corp/sap/support/notes/3302595(cna@sap.com)
https://i7p.wdf.sap.corp/sap/support/notes/3302595(af854a3a-2127-422b-91ae-364da2661108)
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.