CVE-2024-28166

EUVD-2024-25298
SAP BusinessObjects Business Intelligence
  Platform allows an authenticated attacker to upload malicious code over the
  network, that could be executed by the application. On successful
  exploitation, the attacker can cause a low impact on the Integrity of the
  application.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
sapCNA
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Common Weakness Enumeration
References
https://me.sap.com/notes/3433545
https://me.sap.com/notes/3515653
https://url.sap/sapsecuritypatchday