4.3
CVE-2026-44755
- EPSS 0.11%
- Veröffentlicht 09.06.2026 00:21:39
- Zuletzt bearbeitet 09.06.2026 02:08:28
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
Email Spoofing vulnerability in SAP Business Objects Business Intelligence Platform
SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.This vulnerability has a low impact on integrity and does not affect the confidentiality and availability of the application.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSAP_SE
≫
Produkt
SAP Business Objects Business Intelligence Platform
Default Statusunaffected
Version
ENTERPRISE 430
Status
affected
Version
2025
Status
affected
Version
2027
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.015 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@sap.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
CWE-346 Origin Validation Error
The product does not properly verify that the source of data or communication is valid.
https://url.sap/sapsecuritypatchday
https://me.sap.com/notes/3687096