Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects business intelligence 420 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41206
SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated malicious user to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there coul...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
490
VMScore
CVE-2022-29619
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0020
SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated malicious user to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality and limited impact on integrit...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
383
VMScore
CVE-2022-27671
A CSRF token visible in the URL may possibly lead to information disclosure vulnerability.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-24530
SAP BusinessObjects Business Intelligence Platform (CMC) - versions 420, 430, allows an authenticated admin user to upload malicious code that can be executed by the application over the network. On successful exploitation, attacker can perform operations that may completely comp...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0018
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these rep...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0022
SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated malicious user to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform operations that may completely comprom...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-27271
In SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools, leading to a high impact on availability.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
578
VMScore
CVE-2022-35169
SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the malicious user to modify the password or import the file into another s...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
605
VMScore
CVE-2022-35228
SAP BusinessObjects CMC allows an unauthenticated malicious user to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social en...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »