CVE-2025-31332
Last modified
CVE-2025-31332 is a high-severity vulnerability rated 7.1/10 on the CVSS scale. Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this vulnerability does not disclose any sensitive data.. EPSS estimates a 0.13% chance of exploitation in the next 30 days.
Description
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this vulnerability does not disclose any sensitive data.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sap | Businessobjects Business Intelligence Platform | 430 |
References
- https://me.sap.com/notes/3565751Permissions Required
- https://url.sap/sapsecuritypatchdayVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-31332?
How severe is CVE-2025-31332?
How do I fix CVE-2025-31332?
Are you affected by CVE-2025-31332?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST