Unrated severityNVD Advisory· Published May 9, 2023· Updated Jan 28, 2025

Information Disclosure vulnerability in SAP BusinessObjects Platform

CVE-2023-28764

Description

SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names, which may have a low impact on confidentiality and no impact on the integrity and availability of the system.

Affected products

SAP/BusinessObjects Platform (BI Launchpad)llm-fuzzy2 versions
= 420, 430+ 1 more
- (no CPE)range: = 420, 430
- (no CPE)range: 420

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

i7p.wdf.sap.corp/sap/support/notes/3302595mitre
www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000