CVE-2024-33004
Description
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on Confidentiality, Integrity and Availability of the application.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.061
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in SAP Business Objects Business Intelligence Platform 430 | Windows |
| Multiple Vulnerabilities are affected in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 430 | Windows |
| Vulnerabilities CVE-2024-28165,CVE-2024-33004,CVE-2024-34684 are affected in SAP Business Objects Business Intelligence Platform 440 | Windows |
| Vulnerabilities CVE-2024-28165,CVE-2024-33004,CVE-2024-34684 are affected in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 440 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234