CVE-2025-42988 – SAP Business Objects Business Intelligence Platform Information Disclosure

June 9, 2025

CVE ID : CVE-2025-42988

Published : June 10, 2025, 1:15 a.m. | 23 minutes ago

Description : Under certain conditions, SAP Business Objects Business Intelligence Platform allows an unauthenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. This disclosure of information could further enable the researcher to cause SSRF. It has no impact on integrity and availability of the application.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-42996 – SAP MDM Server Session Hijacking Vulnerability

Next Article CVE-2025-42995 – SAP MDM Server Denial of Service (DoS)

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-42988 – SAP Business Objects Business Intelligence Platform Information Disclosure

CVE-2025-49584 – XWiki Information Disclosure Vulnerability

CVE-2025-49585 – XWiki Unrestricted Code Execution Vulnerability

CVE-2025-5562 – PHPGurukul Curfew SQL Injection Vulnerability

Matrix3D: Large Photogrammetry Model All-in-One

CVE-2025-41395 – Mattermost Denial of Service (DoS) Vulnerability

Millions of new materials discovered with deep learning

I spent hours demoing Samsung’s newest soundbar, and this one feature separates it from the bunch

aiortc is a library for WebRTC and ORTC

CVE-2025-27819 – Apache Kafka SASL JAAS JndiLoginModule RCE/DOS

CVE-2025-45021 – PHPGurukul Directory Management System SQL Injection

CVE-2025-42988 – SAP Business Objects Business Intelligence Platform Information Disclosure

Related Posts