QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-31596

Back to search

CVE-2022-31596

Published: Dec 12, 2022

Modified: Apr 22, 2025

PUBLISHED

Description

Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) - version 430, can access BOE Monitoring database to retrieve and modify (non-personal) system data which would otherwise be restricted. Also, a potential attack could be used to leave the CMS's scope and impact the database. A successful attack could have a low impact on confidentiality, a high impact on integrity, and a low impact on availability.

VendorProductVersions

SAP

SAP Business Objects Platform (Monitoring DB)

affected
430

Weaknesses (CWE)

CWE-668

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2022-31596 - Security Vulnerability | QwikSec