PatchSiren cyber security CVE debrief
CVE-2026-44743 SAP_SE CVE debrief
CVE-2026-44743 is a low-severity vulnerability in SAP Business Objects that leaks sensitive information when an unauthorized attacker accesses a specific endpoint. The vulnerability has a CVSS score of 3.7 and affects the confidentiality of data, with no impact on integrity and availability.
- Vendor
- SAP_SE
- Product
- SAP Business Objects
- CVSS
- LOW 3.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Security teams and administrators responsible for SAP Business Objects applications should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information. This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application.
Defensive priority
low
Recommended defensive actions
- Apply patches or updates provided by SAP to fix the vulnerability.
- Restrict access to the specific endpoint to authorized personnel only.
- Monitor the application for any suspicious activity.
Evidence notes
The CVE record and NVD detail provide information on the vulnerability, including its CVSS score and vector.
Official resources
CVE-2026-44743 was published on 2026-06-09T01:16:46.187Z and modified on 2026-06-09T02:08:28.150Z.