CVE-2024-41730

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://me.sap.com/notes/3479478	Permissions Required
https://url.sap/sapsecuritypatchday	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_430:::::::*
	cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_440:::::::*

History

12 Sep 2024, 13:56

Type	Values Removed	Values Added
First Time		Sap business Objects Business Intelligence Platform Sap
Summary		(es) En la plataforma SAP BusinessObjects Business Intelligence, si el inicio de sesión único está habilitado en la autenticación empresarial, un usuario no autorizado puede obtener un token de inicio de sesión mediante un endpoint REST. El atacante puede comprometer completamente el sistema, lo que tendrá un alto impacto en la confidencialidad, la integridad y la disponibilidad.
CPE		cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_440:::::::* cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_430:::::::*
References	~~() https://me.sap.com/notes/3479478 -~~	() https://me.sap.com/notes/3479478 - Permissions Required
References	~~() https://url.sap/sapsecuritypatchday -~~	() https://url.sap/sapsecuritypatchday - Vendor Advisory

13 Aug 2024, 04:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-13 04:15

Updated : 2024-09-12 13:56

NVD link : CVE-2024-41730

Mitre link : CVE-2024-41730

CVE.ORG link : CVE-2024-41730

JSON object : View

Products Affected

sap

business_objects_business_intelligence_platform

CWE

CWE-862

Missing Authorization

{"id": "CVE-2024-41730", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cna@sap.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-08-13T04:15:08.050", "references": [{"url": "https://me.sap.com/notes/3479478", "tags": ["Permissions Required"], "source": "cna@sap.com"}, {"url": "https://url.sap/sapsecuritypatchday", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "In SAP BusinessObjects Business Intelligence\nPlatform, if Single Signed On is enabled on Enterprise authentication, an\nunauthorized user can get a logon token using a REST endpoint. The attacker can\nfully compromise the system resulting in High impact on confidentiality,\nintegrity and availability."}, {"lang": "es", "value": "En la plataforma SAP BusinessObjects Business Intelligence, si el inicio de sesi\u00f3n \u00fanico est\u00e1 habilitado en la autenticaci\u00f3n empresarial, un usuario no autorizado puede obtener un token de inicio de sesi\u00f3n mediante un endpoint REST. El atacante puede comprometer completamente el sistema, lo que tendr\u00e1 un alto impacto en la confidencialidad, la integridad y la disponibilidad."}], "lastModified": "2024-09-12T13:56:51.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_430:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0764428E-CA9F-4BEF-90A9-E81D21398B91"}, {"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_440:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C464A193-F7CE-49A3-9B9D-17C1EA8E08AF"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}