CVE-2026-0490

EPSS 0.12%
Veröffentlicht 10.02.2026 03:01:20
Zuletzt bearbeitet 17.02.2026 16:06:59
Quelle cna@sap.com
CVE-Watchlists
Login
Unerledigt
Login

Denial of service (DOS) in SAP BusinessObjects BI Platform

SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a high impact on the availability but no impact on the confidentiality and integrity.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 3 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

SAP ≫ Businessobjects Business Intelligence Platform Version430 SwEditionenterprise

SAP ≫ Businessobjects Business Intelligence Platform Version2025 SwEditionenterprise

SAP ≫ Businessobjects Business Intelligence Platform Version2027 SwEditionenterprise

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.305

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
cna@sap.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://url.sap/sapsecuritypatchday

Vendor Advisory

https://me.sap.com/notes/3654236

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2026-0490

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-0490

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-0490

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-0490