sap businessobjects 420 vulnerabilities and exploits

(subscribe to this query)

During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Avai...

Sap Businessobjects Business Intelligence 420 Sap Businessobjects Business Intelligence 430 Sap Businessobjects 430 Sap Businessobjects 420

SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files ...

Sap Businessobjects 420 Sap Businessobjects 430

SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an malicious user to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system s...

Sap Businessobjects Analysis 420 Sap Businessobjects Analysis 430

Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated malicious user to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify informatio...

Sap Businessobjects Business Intelligence 420 Sap Businessobjects Business Intelligence 430

Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an malicious user to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted.

Sap Businessobjects Web Intelligence 420 Sap Businessobjects Web Intelligence 430

SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely...

Sap Businessobjects Business Intelligence 420 Sap Businessobjects Business Intelligence 430

SAP BusinessObjects Business Intelligence Platform (Open Document) - versions 420, 430, allows an unauthenticated malicious user to retrieve sensitive information plain text over the network. On successful exploitation, the attacker can view any data available for a business user...

Sap Businessobjects Business Intelligence 420 Sap Businessobjects Business Intelligence 430

1 Article

SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, allows an malicious user to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attack...

Sap Businessobjects Business Intelligence 420 Sap Businessobjects Business Intelligence 430

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated malicious user to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality, limited impact on integrity a...

Sap Businessobjects Business Intelligence 420 Sap Businessobjects Business Intelligence 430

SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force, due to unrestricted rate limit for password change functionality. Although...

Sap Businessobjects Business Intelligence 420 Sap Businessobjects Business Intelligence 430

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook