CVE-2025-0061

HIGH Year: 2025
CVSS v3 Score
8.7
High
Weakness Type
CWE-497
View all →

Vulnerability Description

SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulnerability. Attacker can access and modify all the data of the application.

Related Vulnerabilities

CVE-2022-1902

HIGH
CVSS:8.8(High)

A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifier...

CWE-4972022

CVE-2024-39675

HIGH
CVSS:8.8(High)

A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions <...

CWE-4972024

CVE-2023-32550

HIGH
CVSS:8.2(High)

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.

CWE-4972023

CVE-2023-4237

HIGH
CVSS:7.8(High)

A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch t...

CWE-4972023

CVE-2022-20664

HIGH
CVSS:7.7(High)

A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authe...

CWE-4972022