CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-0061: Multiple vulnerabilities in SAP BusinessObjects Business Intelligence Platform

8.7 CVSS

Description

SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulnerability. Attacker can access and modify all the data of the application.

Classification

CVE ID: CVE-2025-0061

CVSS Base Severity: HIGH

CVSS Base Score: 8.7

Affected Products

Vendor: SAP_SE

Product: SAP BusinessObjects Business Intelligence Platform

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.48% (scored less or equal to compared to others)

EPSS Date: 2025-02-12 (when was this score calculated)

References

https://me.sap.com/notes/3474398
https://url.sap/sapsecuritypatchday

Timeline