By exploit a search token privilege escalation vulnerability, a remote and potentially unauthenticated attacker would be able to access or modify any information stored on the SAP BusineesObjects server. The attacker could also connect to the business systems depending on the configuration of the BO infrastructure. BusinessObjects Edge version 4.1 is affected.