Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects 420 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-32245
SAP BusinessObjects Business Intelligence Platform (Open Document) - versions 420, 430, allows an unauthenticated malicious user to retrieve sensitive information plain text over the network. On successful exploitation, the attacker can view any data available for a business user...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
1 Article
NA
CVE-2023-28762
SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user over the network without any user interaction. The attacker can impersonate any user on the platf...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
NA
CVE-2023-28765
An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the p...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
5.8
CVSSv2
CVE-2021-21444
SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking ...
Sap Businessobjects Business Intelligence 410
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
5.5
CVSSv2
CVE-2022-29619
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0018
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these rep...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0020
SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated malicious user to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality and limited impact on integrit...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0022
SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated malicious user to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform operations that may completely comprom...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
4
CVSSv2
CVE-2022-22541
SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate users to access information they shouldn't see through relational or OLAP connections. The main impact is the disclosure of company data to people that shouldn't or don't n...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
4.6
CVSSv2
CVE-2022-31591
SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service
Sap Businessobjects Bw Publisher Service 420
Sap Businessobjects Bw Publisher Service 430
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »