Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business intelligence platform - vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2016-6818
SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote malicious users to obtain sensitive information, modify data, cause a denial of service (data deletion), or launch administrative operations or possibly OS commands via a crafted S...
Sap Business Intelligence Platform -
668
VMScore
CVE-2020-6242
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an malicious user to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificat...
Sap Businessobjects Business Intelligence Platform 1.0
Sap Businessobjects Business Intelligence Platform 2.0
Sap Businessobjects Business Intelligence Platform 2.1
Sap Businessobjects Business Intelligence Platform 2.2
Sap Businessobjects Business Intelligence Platform 2.3
1 Article
605
VMScore
CVE-2022-35228
SAP BusinessObjects CMC allows an unauthenticated malicious user to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social en...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
605
VMScore
CVE-2019-0398
Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), prior to 4.1, 4.2 and 4.3, may lead to an authenticated user to send unintended request to the web server, leading to Cross Site Request Forgery.
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Businessobjects Business Intelligence Platform 4.3
605
VMScore
CVE-2019-0287
Under certain conditions SAP BusinessObjects Business Intelligence platform (Central Management Server), versions 4.2 and 4.3, allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
578
VMScore
CVE-2022-35169
SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the malicious user to modify the password or import the file into another s...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
578
VMScore
CVE-2020-6219
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform deserialization attack in the application, leading to service interruptions and ...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Crystal Reports For Visual Studio 2010
1 Article
571
VMScore
CVE-2020-6294
Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity.
Sap Businessobjects Business Intelligence Platform 4.3
Sap Businessobjects Business Intelligence Platform 4.2
517
VMScore
CVE-2021-33697
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated malicious user to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
516
VMScore
CVE-2021-21444
SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking ...
Sap Businessobjects Business Intelligence 410
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »