{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T23:46:03.466","vulnerabilities":[{"cve":{"id":"CVE-2025-23185","sourceIdentifier":"cna@sap.com","published":"2025-03-11T01:15:34.330","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Due to improper error handling in SAP Business Objects Business Intelligence Platform, technical details of the application are revealed in exceptions thrown to the user and in stack traces. Only an attacker with administrator level privileges has access to this disclosed information, and they could use it to craft further exploits. There is no impact on the integrity and availability of the application."},{"lang":"es","value":"Debido a la gestión inadecuada de errores en SAP Business Objects Business Intelligence Platform, los detalles técnicos de la aplicación se revelan en excepciones lanzadas al usuario y en los seguimientos de pila. Solo un atacante con privilegios de nivel de administrador tiene acceso a esta información revelada y podría usarla para manipular otros ataques. No hay impacto en la integridad y disponibilidad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-209"}]}],"references":[{"url":"https://me.sap.com/notes/3549494","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}