SAPBusinessObjects Information Disclosure Vulnerability


Under certain conditions SAP BusinessObjects Business Intelligence platform (Central Management Server), versions 4.2 and 4.3, allows an attacker to access information which would otherwise be restricted.


The information has been provided by SAP.
The original article can be found at:


SAP Businessobjects is prone to a gain information vulnerability.This allows local or remote attackers to gain privileges via a malicious program in the affected application

Vulnerable Systems:

  • SAP Businessobjects 4.2
  • SAP Businessobjects 4.3

CVE Information:

Disclosure Timeline:
Publish Date:05/14/2019