Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects - vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-2408
Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI Launchpad/Fiorified BI Launchpad. In case of password change for a user, all other active sessions created using older password continues to be active.
Sap Businessobjects 4.20
Sap Businessobjects 4.0
Sap Businessobjects 4.10
Sap Businessobjects 4.30
1 Article
890
VMScore
CVE-2015-7730
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote malicious users to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
Sap Businessobjects 4.1
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R3
Sap Businessobjects Edge 4.0
409
VMScore
CVE-2022-28214
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Avai...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
Sap Businessobjects 430
Sap Businessobjects 420
445
VMScore
CVE-2014-8309
SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames via SecEnterprise authent...
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R2
Sap Businessobjects 4.0
356
VMScore
CVE-2017-16683
Denial of Service (DOS) in SAP Business Objects Platform, Enterprise 4.10 and 4.20, that could allow an malicious user to prevent legitimate users from accessing a service.
Sap Businessobjects 4.10
Sap Businessobjects 4.20
NA
CVE-2023-28764
SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and dom...
Sap Businessobjects 4.20
Sap Businessobjects 4.30
383
VMScore
CVE-2019-0303
SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an malicious user to build a special url that exe...
Sap Businessobjects 4.2
Sap Businessobjects 4.3
NA
CVE-2023-40623
SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files ...
Sap Businessobjects 420
Sap Businessobjects 430
383
VMScore
CVE-2019-0251
The Fiori Launchpad of SAP BusinessObjects, prior to 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
668
VMScore
CVE-2019-0259
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an malicious user to upload any file (including script files) without proper file format validation.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »