CVE-2026-0490

HIGH

SAP BusinessObjects BI Platform - Auth Bypass

Title source: llm

Description

SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a high impact on the availability but no impact on the confidentiality and integrity.

References (2)

[Permissions Required] https://me.sap.com/notes/3654236

[Vendor Advisory] https://url.sap/sapsecuritypatchday

Scores

CVSS v3 7.5

EPSS 0.0010

EPSS Percentile 28.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-862

Status published

Affected Products (3)

sap/businessobjects_business_intelligence_platform

Timeline

Published Feb 10, 2026

Tracked Since Feb 18, 2026