https://www.bleepingcomputer.com/news/security/critical-sap-flaw-allows-remote-attackers-to-bypass-authentication/

SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system.

The flaw, tracked as CVE-2024-41730 and rated 9.8 as per the CVSS v3.1 system, is a "missing authentication check" bug impacting SAP BusinessObjects Business Intelligence Platform versions 430 and 440 and is exploitable under certain conditions.