Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects business intelligence 430 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-35228
SAP BusinessObjects CMC allows an unauthenticated malicious user to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social en...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
5.3
CVSSv3
CVE-2023-37489
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application'...
Sap Businessobjects Business Intelligence 430
7.5
CVSSv3
CVE-2022-27667
Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an malicious user to access information which would otherwise be restricted, leading to Information Disclosure.
Sap Businessobjects Business Intelligence Platform 430
5.3
CVSSv3
CVE-2022-39014
Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console (CMC) - version 430, allows an malicious user to access certain unencrypted sensitive parameters which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 430
4.3
CVSSv3
CVE-2021-33667
Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an malicious user to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted.
Sap Businessobjects Web Intelligence 420
Sap Businessobjects Web Intelligence 430
5.3
CVSSv3
CVE-2020-6308
SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated malicious user to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Businessobjects Business Intelligence Platform 4.3
3 Github repositories
7.5
CVSSv3
CVE-2021-40500
SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated malicious user to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploita...
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.30
5.4
CVSSv3
CVE-2023-23856
In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to...
Sap Business Objects Business Intelligence Platform 430
6
CVSSv3
CVE-2022-31596
Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) - version 430, can access BOE Monitoring database to retrieve and modify (non-personal) ...
Sap Business Objects Business Intelligence Platform 430
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4