- Description
- SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulnerability. Attacker can access and modify all the data of the application.
- Source
- cna@sap.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.7
- Impact score
- 5.8
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
- Severity
- HIGH
- cna@sap.com
- CWE-497
- Hype score
- Not currently trending
Security Bulletin: Multiple SAP NetWeaver Vulnerabilities - CVE-2025-0070; CVE-2025-0066; CVE-2025-0063; CVE-2025-0061 - Please update to the latest software versions as listed in the SAP Security Advisory #RedLeggCTI #ThreatIntel #SAP https://t.co/rVIAVTKdSj
@RedLegg
16 Jan 2025
6 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0061 Unauthenticated Session Hijacking in SAP BusinessObjects BI Platform https://t.co/2XiI7zFok2
@VulmonFeeds
14 Jan 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-0061: HIGH] Unauthenticated attacker exploit vulnerability in SAP BusinessObjects BI Platform, enabling session hijacking and unauthorized data access, posing significant cyber security risk.#cybersecurity,#vulnerability https://t.co/LZkZpASomE https://t.co/fVSkqljYkW
@CveFindCom
14 Jan 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes