cvedb.io
CVE-2023-0016
CRITICAL · CVSS 9.9
EPSS exploitation probability: 0%
Published 2023-01-10T04:15:09.797 · Last modified 2026-06-17T05:24:36.050

Summary

SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database.

Affected products

sap — business_planning_and_consolidation

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.