CVE-2026-44743

3.7 LOW

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive in...

Published: 2026-06-09 · Last updated: 2026-06-09

Severity and scoring

CVSS: 3.7 LOW
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-497

Description

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-44743
[Other]https://me.sap.com/notes/3706000
[Other]https://url.sap/sapsecuritypatchday

Related CVEs

Same CWE

CVE-2026-0466 — Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potent...
CVE-2026-49077 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve... (5.3 MEDIUM)
CVE-2026-44749 — The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts (e.g., reg... (4.3 MEDIUM)
CVE-2018-25358 — D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configura... (7.5 HIGH)
CVE-2026-27349 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embe... (4.3 MEDIUM)