Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects 4.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-2446
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
5.3
CVSSv3
CVE-2018-2467
In the Software Development Kit in SAP BusinessObjects BI Platform Servers, versions 4.1 and 4.2, using the specially crafted URL in a Web Browser such as Chrome the system returns an error with the path of the used application server.
Sap Businessobjects Bi Platform 4.1
Sap Businessobjects Bi Platform 4.2
6.1
CVSSv3
CVE-2018-2472
SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML client) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Bi Platform 4.2
Sap Businessobjects Bi Platform 4.1
4.3
CVSSv3
CVE-2018-2483
HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console (CMC) by changing request method.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
9.6
CVSSv3
CVE-2018-2445
AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an malicious user to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
6.5
CVSSv3
CVE-2018-2473
SAP BusinessObjects Business Intelligence Platform Server, versions 4.1 and 4.2, when using Web Intelligence Richclient 3 tiers mode gateway allows an malicious user to prevent legitimate users from accessing a service, either by crashing or flooding the service.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
NA
CVE-2014-9387
SAP BusinessObjects Edge 4.1 allows remote malicious users to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905.
Sap Businessobjects 4.1
5.3
CVSSv3
CVE-2020-6308
SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated malicious user to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Businessobjects Business Intelligence Platform 4.3
3 Github repositories
5.4
CVSSv3
CVE-2019-0376
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), prior to 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows an malicious user to save malicious scripts in the publication name, which can be executed later by the victi...
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
9.6
CVSSv3
CVE-2020-26831
SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to int...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Businessobjects Business Intelligence Platform 4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »