{"cve":{"cve_id":"CVE-2025-31332","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00126,"epss_percentile":0.0263,"epss_as_of":"2026-06-23","description":"Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this vulnerability does not disclose any sensitive data.","published_at":"2025-04-08T07:15:36.708000Z","last_modified_at":null,"cvss_v3_score":6.6,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-277"],"nvd_references":["https://me.sap.com/notes/3565751","https://url.sap/sapsecuritypatchday"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:26:21.628086Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"sap-se","vendor_name":"SAP_SE","product_slug":"sap-businessobjects-business-intelligence-platform","product_name":"SAP BusinessObjects Business Intelligence Platform","version_start":"ENTERPRISE 430","version_start_inclusive":true,"version_end":"ENTERPRISE 430","version_end_inclusive":true,"cpe23_uri":"cve5:sap-se:sap-businessobjects-business-intelligence-platform:ENTERPRISE 430:ENTERPRISE 430"}],"exploit_refs":[],"news":[],"references":[{"url":"https://me.sap.com/notes/3565751","source_type":"MISC","tags":[]},{"url":"https://url.sap/sapsecuritypatchday","source_type":"MISC","tags":["patch"]}],"timeline":[{"type":"published","at":"2025-04-08T07:15:36.708000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:44:49.534124Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:44:49.534124Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:44:49.534124Z","label":"CVSS score revised","source":"cvelistv5"}]}