CVE-2026-0485
Denial of Service in SAP BusinessObjects CMS via Crafted Requests
Publication date: 2026-02-10
Last updated on: 2026-02-17
Assigner: SAP SE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sap | businessobjects_business_intelligence_platform | 430 |
| sap | businessobjects_business_intelligence_platform | 2025 |
| sap | businessobjects_business_intelligence_platform | 2027 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-405 | The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric." |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the SAP BusinessObjects BI Platform, where an unauthenticated attacker can send specially crafted requests to the Content Management Server (CMS). These requests can cause the CMS to crash and automatically restart.
By repeatedly sending these malicious requests, the attacker can cause a persistent disruption of the service, making the CMS completely unavailable.
How can this vulnerability impact me? :
The primary impact of this vulnerability is on the availability of the SAP BusinessObjects BI Platform's Content Management Server.
An attacker can cause the CMS to crash repeatedly, leading to persistent service disruption and rendering the CMS completely unavailable.
Confidentiality and integrity of the system are not affected by this vulnerability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know