Unrated severityNVD Advisory· Published Dec 12, 2022· Updated Apr 22, 2025

CVE-2022-31596

Description

Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) - version 430, can access BOE Monitoring database to retrieve and modify (non-personal) system data which would otherwise be restricted. Also, a potential attack could be used to leave the CMS's scope and impact the database.

A successful attack could have a low impact on confidentiality, a high impact on integrity, and a low impact on availability.

Affected products

SAP/BusinessObjects Business Intelligence Platform (Web Intelligence)llm-fuzzy
Range: = 430
SAP/BusinessObjects Platform (BI Launchpad)cpe-rescue
Range: 430

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000