Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects 4.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-7730
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote malicious users to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
Sap Businessobjects 4.1
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R3
Sap Businessobjects Edge 4.0
6.1
CVSSv3
CVE-2019-0332
SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an malicious user to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
5.4
CVSSv3
CVE-2019-0334
When creating a module in SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker coul...
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.1
6.1
CVSSv3
CVE-2019-0335
Under certain conditions SAP BusinessObjects Business Intelligence Platform (Central Management Console), versions 4.1, 4.2, 4.3, allows an malicious user to store a malicious payload within the description field of a user account. The payload is triggered when the mouse cursor i...
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
8.1
CVSSv3
CVE-2019-0268
SAP BusinessObjects Business Intelligence Platform (CMC Module), versions 4.10, 4.20 and 4.30, does not sufficiently validate an XML document accepted from an untrusted source.
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
6.1
CVSSv3
CVE-2019-0326
SAP BusinessObjects Business Intelligence Platform (BI Workspace) (Enterprise), versions 4.1, 4.2, 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.1
5.3
CVSSv3
CVE-2019-0331
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, allows an malicious user to access sensitive data such as directory structure, leading to Information Disclosure.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.3
Sap Businessobjects Business Intelligence 4.1
5.4
CVSSv3
CVE-2018-2432
SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an malicious user to include invalidated data in the HTTP response header sent to a Web user. Successful exploitation of this vulnerability may lead to advan...
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.3
6.5
CVSSv3
CVE-2019-0348
SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
7.5
CVSSv3
CVE-2018-2446
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »