Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business objects vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6254
Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote malicious users to execute arbitrary code via unspecified vectors.
Sap Business Objects
6
CVSSv3
CVE-2022-31596
Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) - version 430, can access BOE Monitoring database to retrieve and modify (non-personal) ...
Sap Business Objects Business Intelligence Platform 430
5.4
CVSSv3
CVE-2022-31598
Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated malicious user to submit a malicious request through an allowed operation. On successful exploitation, an attacker can view or modify information causing a limited impact on confiden...
Sap Business Objects Business Intelligence Platform 420
5.4
CVSSv3
CVE-2023-23856
In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to...
Sap Business Objects Business Intelligence Platform 430
5.4
CVSSv3
CVE-2023-0015
In SAP BusinessObjects Business Intelligence Platform (Web Intelligence user interface) - version 420, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vuln...
Sap Business Objects Business Intelligence Platform 420
9.8
CVSSv3
CVE-2020-6242
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an malicious user to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificat...
Sap Businessobjects Business Intelligence Platform 1.0
Sap Businessobjects Business Intelligence Platform 2.0
Sap Businessobjects Business Intelligence Platform 2.1
Sap Businessobjects Business Intelligence Platform 2.2
Sap Businessobjects Business Intelligence Platform 2.3
1 Article
5.4
CVSSv3
CVE-2018-2397
In SAP Business Objects Business Intelligence Platform, 4.00, 4.10, 4.20, 4.30, the Central Management Console (CMC) does not sufficiently encode user controlled inputs which results in Cross-Site Scripting.
Sap Businessobjects Business Intelligence Platform 4.10
Sap Businessobjects Business Intelligence Platform 4.30
Sap Businessobjects Business Intelligence Platform 4.00
Sap Businessobjects Business Intelligence Platform 4.20
6.1
CVSSv3
CVE-2021-21444
SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking ...
Sap Businessobjects Business Intelligence 410
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
7.5
CVSSv3
CVE-2019-0352
In SAP Business Objects Business Intelligence Platform, prior to 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout.
Sap Businessobjects Business Intelligence Platform 4.10
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.30
9
CVSSv3
CVE-2023-37490
SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »