Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business objects business intelligence platform 430 vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv3
CVE-2023-42478
SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an malicious user to upload agnostic documents in the system which when opened by any other user could lead to high impact on integrity of the application.
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
8.8
CVSSv3
CVE-2023-25616
In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an malicious user to gain access to resources that are allowed by extra privileges. Successful atta...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
1 Article
8.8
CVSSv3
CVE-2023-25617
SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom applicati...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
1 Article
5.4
CVSSv3
CVE-2023-23856
In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to...
Sap Business Objects Business Intelligence Platform 430
8.8
CVSSv3
CVE-2022-41267
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the malicious user to take full control of the system causing a high impact on co...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
4.3
CVSSv3
CVE-2022-41263
Due to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web Intelligence) - versions 420, 430, allows an authenticated non-administrator malicious user to modify the data source information for a document that is otherwise restricted. On succes...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
6
CVSSv3
CVE-2022-31596
Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) - version 430, can access BOE Monitoring database to retrieve and modify (non-personal) ...
Sap Business Objects Business Intelligence Platform 430
7.6
CVSSv3
CVE-2022-39013
Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the malicious user to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availab...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
6.5
CVSSv3
CVE-2022-39015
Under certain conditions, BOE AdminTools/ BOE SDK allows an malicious user to access information which would otherwise be restricted.
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
6.5
CVSSv3
CVE-2022-29619
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »