February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory –CVE-2023-27267 – SAP Diagnostics Agent Vulnerability
April 12, 2023Rewterz Threat Advisory – CVE-2023-29186 – SAP NetWeaver Vulnerability
April 12, 2023Rewterz Threat Advisory –CVE-2023-27267 – SAP Diagnostics Agent Vulnerability
April 12, 2023Rewterz Threat Advisory – CVE-2023-29186 – SAP NetWeaver Vulnerability
April 12, 2023
Severity
High
Analysis Summary
CVE-2023-28765
SAP BusinessObjects Business Intelligence Platform could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain passwords information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-2876
Affected Vendors
SAP
Affected Products
- SAP BusinessObjects Business Intelligence Platform 420
- SAP BusinessObjects Business Intelligence Platform 430
Remediation
Current SAP customers should refer to SAP Security Advisory for patch information, available from the SAP Website (login required).