CVE-2026-44743

LOW

SAP BusinessObjects - Sensitive Information Exposure via Endpoint

Title source: manual

Description

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application.

References (2)

Core 2

Core References

https://me.sap.com/notes/3706000

https://url.sap/sapsecuritypatchday

Scores

CVSS v3 3.7

EPSS 0.0019

EPSS Percentile 8.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-497

Status published

Products (3)

SAP_SE/SAP Business Objects 2025

SAP_SE/SAP Business Objects 2027

SAP_SE/SAP Business Objects ENTERPRISE 430

Published Jun 09, 2026

Tracked Since Jun 09, 2026