VYPR
Unrated severityNVD Advisory· Published Jan 10, 2023· Updated Apr 9, 2025

SQL Injection vulnerability in SAP Business Planning and Consolidation MS

CVE-2023-0016

Description

SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database.

Affected products

2
  • SAP/BPCllm-create
    Range: 10.0 (version 810)
  • SAP/SAP BPC MS 10.0v5
    Range: 800

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.