{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T01:53:23.087","vulnerabilities":[{"cve":{"id":"CVE-2021-40497","sourceIdentifier":"cna@sap.com","published":"2021-10-12T15:15:09.407","lastModified":"2024-11-21T06:24:15.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version."},{"lang":"es","value":"SAP BusinessObjects Analysis (edición para OLAP) - versiones 420, 430, permite a un atacante explotar determinados endpoints de la aplicación para leer datos confidenciales. Estos endpoints están normalmente expuestos a través de la red y una explotación exitosa podría conllevar a una exposición de algunos datos específicos del sistema como su versión"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:businessobjects_analysis:420:*:*:*:*:*:*:*","matchCriteriaId":"EA90C6B0-4024-4DF9-A26E-0563B57C3DE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:businessobjects_analysis:430:*:*:*:*:*:*:*","matchCriteriaId":"E98408EE-D12A-4D49-9B18-6384893F6460"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/3098917","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/3098917","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}