SAP Business Objects Info Leak via Unauthorized Endpoint
CVE-2026-44743 Published on June 9, 2026
Security Misconfiguration vulnerability in SAP Business Objects
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application.
Vulnerability Analysis
CVE-2026-44743 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.
Weakness Type
Exposure of Sensitive System Information to an Unauthorized Control Sphere
The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.
Products Associated with CVE-2026-44743
Want to know whenever a new CVE is published for SAP Businessobjects? stack.watch will email you.
Affected Versions
SAP_SE SAP Business Objects:- Version ENTERPRISE 430 is affected.
- Version 2025 is affected.
- Version 2027 is affected.