Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects business intelligence 4.1 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2019-0396
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will no...
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
8.8
CVSSv3
CVE-2020-6219
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform deserialization attack in the application, leading to service interruptions and ...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Crystal Reports For Visual Studio 2010
1 Article
7.5
CVSSv3
CVE-2019-0352
In SAP Business Objects Business Intelligence Platform, prior to 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout.
Sap Businessobjects Business Intelligence Platform 4.10
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.30
8.8
CVSSv3
CVE-2018-2442
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.
Sap Businessobjects Business Intelligence 4.2
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.0
Sap Internet Graphics Server 7.45
Sap Internet Graphics Server 7.53
Sap Internet Graphics Server 7.20
Sap Internet Graphics Server 7.20ext
Sap Internet Graphics Server 7.49
6.1
CVSSv3
CVE-2018-2472
SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML client) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Bi Platform 4.2
Sap Businessobjects Bi Platform 4.1
6.1
CVSSv3
CVE-2018-2479
SAP BusinessObjects Business Intelligence Platform (BIWorkspace), versions 4.1 and 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Bi Platform 4.2
Sap Businessobjects Bi Platform 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4