CVE-2023-42478

7.5 HIGH

📋 TL;DR

SAP Business Objects Business Intelligence Platform contains a stored cross-site scripting (XSS) vulnerability that allows authenticated attackers to upload malicious documents. When other users open these documents, attackers can execute arbitrary JavaScript in their browser sessions, potentially compromising application integrity. This affects organizations using vulnerable versions of SAP Business Objects BI Platform.

💻 Affected Systems

Products:
  • SAP Business Objects Business Intelligence Platform
Versions: Specific versions not detailed in provided references; consult SAP Note 3382353 for exact affected versions.
Operating Systems: All supported OS for SAP Business Objects BI Platform
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the document upload functionality; default configurations are likely vulnerable unless specific security measures are implemented.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or compromise user accounts and sensitive business data.

🟠 Likely Case

Attackers with authenticated access upload malicious documents that execute JavaScript when opened by other users, potentially stealing session tokens or performing unauthorized actions.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized before execution, preventing successful exploitation.

🌐 Internet-Facing: HIGH if the SAP Business Objects BI Platform is exposed to the internet, as authenticated attackers could target external users.
🏢 Internal Only: MEDIUM as it requires authenticated access, but internal users with malicious intent could still exploit the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to upload documents; complexity is low once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to SAP Note 3382353 for specific patch versions and updates.

Vendor Advisory: https://me.sap.com/notes/3382353

Restart Required: Yes

Instructions:

1. Review SAP Note 3382353 for patch details.
2. Apply the relevant SAP Security Note or update to a patched version.
3. Restart the SAP Business Objects BI Platform services.
4. Verify the fix by testing document upload functionality.

🔧 Temporary Workarounds

Input Validation and Sanitization

Applies to: all

Implement server-side validation and sanitization of uploaded document content to prevent XSS payloads.

Content Security Policy (CSP)

Applies to: all

Deploy a strict CSP to mitigate the impact of XSS by restricting script execution sources.
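The two workarounds above, and the "If Mitigated" case earlier, rest on the same two controls: encode user-controlled document fields at output time, and ship a CSP that does not let injected inline script run. The following is an added example, not SAP's code or anything from SAP Note 3382353. The `UploadedDocument` model and the two `render_*` functions are hypothetical stand-ins for the platform's upload and display path, and the sample metadata is constructed test input. The CSP part goes slightly beyond the advisory: it parses an existing header and reports whether it would still allow inline script, which is the check to run against whatever policy is already deployed.

```python
"""Added example, not SAP's code: output encoding for user-controlled document
fields, plus a small auditor for a Content-Security-Policy header. The document
model and render functions are hypothetical stand-ins for the platform's
upload/display path."""
import html
from dataclasses import dataclass


@dataclass
class UploadedDocument:
    name: str
    description: str


# Constructed sample: script in a text-node field and an attribute-breakout
# payload in a field that lands inside an attribute value.
SAMPLE_DOC = UploadedDocument(
    name="<script>alert('test')</script>Q4 report",
    description='Sales" onmouseover="alert(1)',
)


def render_unsafe(doc: UploadedDocument) -> str:
    # Vulnerable pattern: user-controlled fields interpolated straight into markup.
    return f'<li title="{doc.description}">{doc.name}</li>'


def render_safe(doc: UploadedDocument) -> str:
    # Hardened: encode at output time. html.escape defaults to quote=True, so
    # both " and ' are encoded and the attribute cannot be broken out of.
    return f'<li title="{html.escape(doc.description)}">{html.escape(doc.name)}</li>'


def parse_csp(header: str) -> dict:
    """Split "directive v1 v2; directive ..." into {directive: [values]}."""
    policy = {}
    for directive in header.split(";"):
        parts = directive.split()
        if parts:
            policy[parts[0].lower()] = parts[1:]
    return policy


def allows_inline_script(header: str) -> bool:
    """True if the policy would let an injected inline <script> execute.

    script-src governs scripts; if it is absent browsers fall back to
    default-src; if neither is present inline script is unrestricted.
    'unsafe-inline' is ignored by CSP2+ browsers when a nonce or hash source
    is also listed, so that combination counts as safe here.
    """
    policy = parse_csp(header)
    sources = policy.get("script-src", policy.get("default-src"))
    if sources is None:
        return True
    has_nonce_or_hash = any(
        s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in sources
    )
    return "'unsafe-inline'" in sources and not has_nonce_or_hash


# Weak setting beside the corrected one (both constructed for this example).
WEAK_CSP = "default-src 'self'; script-src 'self' 'unsafe-inline'"
STRICT_CSP = (
    "default-src 'self'; script-src 'self'; object-src 'none'; "
    "base-uri 'self'; frame-ancestors 'self'"
)


if __name__ == "__main__":
    print("unsafe :", render_unsafe(SAMPLE_DOC))
    print("safe   :", render_safe(SAMPLE_DOC))
    for label, csp in (("weak", WEAK_CSP), ("strict", STRICT_CSP)):
        print(f"{label} CSP allows inline script: {allows_inline_script(csp)}")
```

Output encoding is the control that actually neutralizes the stored payload; the CSP is defence in depth for the case where one rendering path is missed. Note that a policy which lists `'unsafe-inline'` under `script-src` provides no protection against this class of bug at all, which is why the auditor flags it.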

🧯 If You Can't Patch

  • Restrict document upload permissions to trusted users only.
  • Implement web application firewalls (WAF) with XSS protection rules.

🔍 How to Verify

Check if Vulnerable:

Test by uploading a document with a simple XSS payload (e.g., <script>alert('test')</script>) and checking whether it executes when the document is opened.

Check Version:

Check the SAP Business Objects BI Platform version via the Central Management Console (CMC) or administrative interfaces.

Verify Fix Applied:

After patching, repeat the vulnerability test; the XSS payload should be sanitized and not execute.

📡 Detection & Monitoring

Log Indicators:

  • Unusual document uploads, especially with script-like content in filenames or metadata.
  • Errors or warnings related to document processing or security filters.

Network Indicators:

  • HTTP requests uploading documents with suspicious content types or parameters.

SIEM Query:

Search for events where document uploads contain strings like '<script>', 'javascript:', or other common XSS patterns in request payloads.
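The SIEM query above names the raw strings to look for; in practice the payload in an upload request is usually percent-encoded, entity-encoded, or both, and a literal match on `<script>` misses it. The following is an added example, not from the advisory or from SAP, of the same detection logic run over a few constructed log lines. It decodes the request a couple of times before matching, adds the event-handler form (`onerror=`, `onmouseover=`) to the pattern list, and only considers write requests to the upload path. The log format (one JSON object per line with the body captured by a proxy) and the `/example/documents/upload` path are assumptions; substitute the platform's real endpoint and your own log schema.

```python
"""Added example, not SAP's code: flag document-upload requests whose path or
body carries common XSS markers after decoding. Log schema and upload path are
constructed assumptions."""
import html
import json
import re
from urllib.parse import unquote_plus

# Placeholder upload endpoint; not the platform's real path.
UPLOAD_PATH_PREFIXES = ("/example/documents/upload",)

# The markers the SIEM query names, plus the inline event-handler form.
XSS_PATTERNS = [
    re.compile(r"<\s*script\b", re.I),
    re.compile(r"javascript\s*:", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),
    re.compile(r"<\s*(iframe|img|svg)\b[^>]*\b(src|onerror|onload)\s*=", re.I),
]

# Constructed sample log: one JSON event per line. Bodies are shown as the
# proxy captured them (still percent-encoded).
SAMPLE_LOG = r"""
{"ts": "2024-01-10T09:12:01Z", "user": "alice", "method": "POST", "path": "/example/documents/upload", "body": "name=Q4+Report&format=wid"}
{"ts": "2024-01-10T09:13:44Z", "user": "bob", "method": "POST", "path": "/example/documents/upload", "body": "name=%3Cscript%3Ealert(1)%3C%2Fscript%3E"}
{"ts": "2024-01-10T09:14:02Z", "user": "carol", "method": "GET", "path": "/example/documents/42", "body": ""}
{"ts": "2024-01-10T09:15:30Z", "user": "bob", "method": "POST", "path": "/example/documents/upload", "body": "description=Sales%22+onmouseover%3Dalert(1)"}
{"ts": "2024-01-10T09:16:11Z", "user": "dave", "method": "POST", "path": "/example/documents/upload", "body": "title=%26lt%3Bscript%26gt%3B"}
{"ts": "2024-01-10T09:17:50Z", "user": "eve", "method": "POST", "path": "/example/other", "body": "q=%3Cscript%3E"}
"""


def decode_layers(text: str, rounds: int = 2) -> str:
    """Undo percent-encoding and HTML entities a few times; payloads are often
    double-encoded to slip past a single-pass filter."""
    for _ in range(rounds):
        text = html.unescape(unquote_plus(text))
    return text


def is_upload(event: dict) -> bool:
    """Only write requests to the upload endpoint are in scope."""
    return event["method"] in ("POST", "PUT") and event["path"].startswith(UPLOAD_PATH_PREFIXES)


def xss_hits(text: str) -> list:
    """Return the patterns that match the decoded text (empty list if none)."""
    decoded = decode_layers(text)
    return [p.pattern for p in XSS_PATTERNS if p.search(decoded)]


def scan_log(log_text: str) -> list:
    """Return one alert dict per upload event that carries an XSS marker."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        if not is_upload(event):
            continue
        hits = xss_hits(event["path"] + " " + event["body"])
        if hits:
            alerts.append({"ts": event["ts"], "user": event["user"], "patterns": hits})
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert)
```

On the sample, the alerts are the two uploads by `bob` (a percent-encoded `<script>` and an attribute-breakout `onmouseover=`) and the one by `dave`, whose payload was percent-encoded on top of entity encoding and only becomes visible after the second decode pass. The `GET` and the request to a non-upload path are ignored, which keeps the rule from firing on every page that legitimately mentions the word `script`. Tune `UPLOAD_PATH_PREFIXES` to the real endpoint and expect some noise from the `on[a-z]+=` pattern until it has been tuned against your own traffic.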
