Rewterz Threat Advisory – Multiple SAP BusinessObjects Business Intelligence Platform Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-27896 CVSS: 6.5

SAP BusinessObjects Business Intelligence Platform is vulnerable to a denial of service caused by improper access control. By sending a specially crafted request, a remote authenticated attacker could cause the application server to connect to its own CMS (Central Management Server), resulting in a denial of service condition.

CVE-2023-27894 CVSS: 5.0

SAP BusinessObjects Business Intelligence Platform could allow a remote authenticated attacker to obtain sensitive information because CMS parameters are not properly validated. By sending a specially crafted HTTP request, an attacker could obtain sensitive information and use it to launch further attacks against the affected system.

CVE-2023-27271 CVSS: 6.5

SAP BusinessObjects Business Intelligence Platform is vulnerable to a denial of service caused by improper access control. By sending a specially crafted request, a remote authenticated attacker could cause the application server to connect to its own admintools, resulting in a denial of service condition.

CVE-2023-25617 CVSS: 9.0

SAP BusinessObjects Business Intelligence Platform could allow a remote authenticated attacker to execute arbitrary commands on the system because of an OS command injection flaw. By sending a specially crafted request, an attacker could execute arbitrary operating system commands on the affected host.

CVE-2023-25616 CVSS: 9.9

SAP BusinessObjects Business Intelligence Platform could allow a remote attacker to execute arbitrary code on the system because of improper input validation. By sending a specially crafted request, an attacker could execute arbitrary code on the affected host.

Impact

  • Denial of Service
  • Information Disclosure
  • Code Execution

Indicators Of Compromise

CVE

  • CVE-2023-27896
  • CVE-2023-27894
  • CVE-2023-27271
  • CVE-2023-25617
  • CVE-2023-25616

Affected Vendors

SAP

Affected Products

  • SAP BusinessObjects Business Intelligence Platform 420
  • SAP BusinessObjects Business Intelligence Platform 430

Remediation

Current SAP customers should refer to SAP Note 3287120 for patch information, available from the SAP website (login required). Apply the patches to all affected SAP BusinessObjects Business Intelligence Platform 420 and 430 installations.