SAP BusinessObjects BI Platform Content Management Server Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in SAP BusinessObjects BI Platform. This issue allows an unauthenticated attacker to send specially crafted requests that can cause the Content Management Server (CMS) to crash and automatically restart. By repeatedly submitting these requests, the attacker could create a persistent disruption of service, making the CMS completely unavailable. While this vulnerability significantly impacts the availability of the service, it does not affect confidentiality or integrity.

Impact

Exploitation of this vulnerability leads to a crash of the Content Management Server, causing it to restart and creating a service disruption that makes the CMS unavailable.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, where users can find the complete list of security notes and prioritize their implementation. For more information on SAP Security Patch Day and the availability of security fixes, refer to the SAP Security Notes FAQ.