SAP Knowledge Base Article - Preview

3394549 - External software Vulnerabilities (CVE) NOT impacting SAP BI Platform

Symptom

Do the following listed External Vendor software vulnerabilities have any impact on the SAP BI Platform suite of products?

OLDER CVEsCVE-2023* CVE-2024*CVE-2025*
CVE-2021-44138
CVE-2021-26086
CVE-2021-26085
CVE-2022-31656

CVE-2023-22515 *1
CVE-2023-35009 *2 
CVE-2023-35011 *2
CVE-2023-36420 *3 
CVE-2023-36730 *3
CVE-2023-36785 *3
CVE-2023-36417 *3
CVE-2023-36728 *3

Microsoft SQL Server  ODBC and OLE DB Driver for SQL Server
CVE-2023-36728 *3
CVE-2023-36730 *3 
CVE-2023-36420 *3 
CVE-2023-36785 *3 
CVE-2023-36417 *3

Microsoft SQL Server ODBC and OLE DB Driver for SQL Server Remote Code Execution (RCE) 
CVE 2023-38169 *3 
CVE-2023-32027 *3
CVE-2023-32025 *3 
CVE-2023-32026 *3 
CVE-2023-29356 *3 
CVE-2023-32028 *3 
CVE-2023-29349 *3

Microsoft SQL ODBC and OLE DB Driver Remote Code Execution (RCE) 
CVE-2023-28304 *3 
CVE-2023-23375 *3

Microsoft .NET Framework Update
CVE-2023-36049 *4
CVE-2023-36560 *4

CVE-2024-20652 *5 
CVE-2024-20653 *5 
CVE-2024-20654 *5
CVE-2024-20655 *5
CVE-2024-20657 *5

CVE-2024-20658 *5
CVE-2024-20660 *5
CVE-2024-20661 *5
CVE-2024-20662 *5
CVE-2024-20663 *5
CVE-2024-20664 *5
CVE-2024-20674 *5

CVE-2024-20680 *5
CVE-2024-20682 *5
CVE-2024-20683 *5
CVE-2024-20691 *5
CVE-2024-20692 *5

CVE-2024-21307 *5
CVE-2024-21311 *5
CVE-2024-21313 *5
CVE-2024-21314 *5
CVE-2024-21320 *5

CVE-2024-35271 *5
CVE-2024-38087 *5
CVE-2024-21303 *5
CVE-2024-37321 *5
CVE-2024-21428 *5
CVE-2024-21415 *5
CVE-2024-37324 *5
CVE-2024-21449 *5
CVE-2024-37326 *5
CVE-2024-37327 *5
CVE-2024-37328 *5
CVE-2024-37329 *5
CVE-2024-37330 *5
CVE-2024-37333 *5
CVE-2024-37334 *5
CVE-2024-37336 *5
CVE-2024-37322 *5
CVE-2024-28928 *5
CVE-2024-35256 *5
CVE-2024-38088 *5
CVE-2024-21332 *5
CVE-2024-21331 *5
CVE-2024-21425 *5
CVE-2024-37319 *5
CVE-2024-37327 *5
CVE-2024-35272 *5
CVE-2024-37320 *5

CVE-2024-24795

CVE-2025-23001

*1 - related to Altassian Software
*2 - related to IBM Cognos
*3 - related to Microsoft Sql servers or clients (odbc / ole drivers). Recommend upgrading to the vendor recommended patch levels on supported PAM versions.
*4 - .NET framework. Recommend upgrading to the vendor recommended patch levels on supported PAM versions.
*5 - Microsoft Windows client or server specific vulnerabilities (https://msrc.microsoft.com/update-guide/vulnerability/). Follow Microsoft guidelines.

 


Read more...

Environment

  • SAP BusinessObjects Business Intelligence Platform (BI) 4.2 / 4.3
  • SAP BusinessObjects Business Intelligence Platform (BI) 2025

Product

SAP BusinessObjects Business Intelligence platform 2025 ; SAP BusinessObjects Business Intelligence platform 4.2 ; SAP BusinessObjects Business Intelligence platform 4.3

Keywords

CVE, CVE-2023, tomcat, security, web application, webtier, vulnerability, BOE/BI, 3rd, party, third-party, third, software, external, vendor , KBA , BI-BIP-SEC , Security Vulnerabilities in SAP BusinessObjects , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.