CVE-2024-41731

CVE Database · CVE-2024-41731

CVE-2024-41731

· LOWModified

CVSS v3.1

3.1

EPSS

0.37%

Published

Aug 13, 2024

Modified

Dec 10, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-434

Affected Products (3)

sap · business_objects_business_intelligence_platformvulnerable

References (3)

https://me.sap.com/notes/3433545

Permissions Required

https://me.sap.com/notes/3515653

https://url.sap/sapsecuritypatchday

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs