Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects 4.0 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2015-7730
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote malicious users to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
Sap Businessobjects 4.1
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R3
Sap Businessobjects Edge 4.0
668
VMScore
CVE-2018-2408
Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI Launchpad/Fiorified BI Launchpad. In case of password change for a user, all other active sessions created using older password continues to be active.
Sap Businessobjects 4.20
Sap Businessobjects 4.0
Sap Businessobjects 4.10
Sap Businessobjects 4.30
1 Article
632
VMScore
CVE-2014-8310
The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows remote malicious users to cause a denial of service (server shutdown) via crafted OSCAFactory::Session ORB message.
Sap Businessobjects 4.0
605
VMScore
CVE-2018-2442
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.0
Sap Internet Graphics Server 7.45
Sap Internet Graphics Server 7.53
Sap Internet Graphics Server 7.20
Sap Internet Graphics Server 7.20ext
Sap Internet Graphics Server 7.49
490
VMScore
CVE-2019-0396
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will no...
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
445
VMScore
CVE-2015-2074
The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to write to arbitrary files via a full pathname, aka SAP Note 2018681.
Sap Businessobjects Edge 4.0
445
VMScore
CVE-2015-2073
The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to read arbitrary files via a full pathname, aka SAP Note 2018682.
Sap Businessobjects Edge 4.0
445
VMScore
CVE-2015-2076
The Auditing service in SAP BusinessObjects Edge 4.0 allows remote malicious users to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
Sap Businessobjects Edge 4.0
445
VMScore
CVE-2015-2075
SAP BusinessObjects Edge 4.0 allows remote malicious users to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.
Sap Businessobjects Edge 4.0
445
VMScore
CVE-2014-8309
SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames via SecEnterprise authent...
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R2
Sap Businessobjects 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »