Rewterz Threat Advisory – SAP BusinessObjects Enterprise Vulnerability

Rewterz Threat Advisory – SAP Employee Self Service Vulnerability

May 12, 2022

Rewterz Threat Advisory – SAP Web Dispatcher and SAP Netweaver AS for ABAP Vulnerability

May 12, 2022

Rewterz Threat Advisory – SAP BusinessObjects Enterprise Vulnerability

Severity

High

Analysis Summary

CVE-2022-28214

SAP BusinessObjects Enterprise could allow a local authenticated attacker to obtain sensitive information, caused by the storage of authentication credentials in the Sysmon event logs. By gaining access to the Sysmon event logs, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

Impact

Information Disclosure

Indicators Of Compromise

CVE

CVE-2022-28214

Affected Vendors

SAP

Affected Products

SAP BusinessObjects Enterprise 420
SAP BusinessObjects Enterprise 430

Remediation

Current SAP customers should refer to SAP note for patch information, available from the SAP Web site (login required).

SAP Website

Rewterz Annual Threat Intelligence Report 2025 - Download Now

Rewterz Threat Advisory – SAP Employee Self Service Vulnerability

Rewterz Threat Advisory – SAP Web Dispatcher and SAP Netweaver AS for ABAP Vulnerability

Rewterz Threat Advisory – SAP BusinessObjects Enterprise Vulnerability

Severity

Analysis Summary

CVE-2022-28214

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan