CVE-2024-32732: Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence platform

5.3 CVSS

Description

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application.

Classification

CVE ID: CVE-2024-32732

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

Affected Products

Vendor: SAP_SE

Product: SAP BusinessObjects Business Intelligence platform

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://me.sap.com/notes/3524933
https://url.sap/sapsecuritypatchday

Timeline

2024-12-11 00:30:52 UTC
CVE

Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence platform