Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-2471
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.10
445
VMScore
CVE-2018-2467
In the Software Development Kit in SAP BusinessObjects BI Platform Servers, versions 4.1 and 4.2, using the specially crafted URL in a Web Browser such as Chrome the system returns an error with the path of the used application server.
Sap Businessobjects Bi Platform 4.1
Sap Businessobjects Bi Platform 4.2
445
VMScore
CVE-2018-2446
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
445
VMScore
CVE-2015-2076
The Auditing service in SAP BusinessObjects Edge 4.0 allows remote malicious users to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
Sap Businessobjects Edge 4.0
445
VMScore
CVE-2015-2075
SAP BusinessObjects Edge 4.0 allows remote malicious users to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.
Sap Businessobjects Edge 4.0
445
VMScore
CVE-2014-8309
SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames via SecEnterprise authent...
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R2
Sap Businessobjects 4.0
445
VMScore
CVE-2014-8315
polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 replies with different timing depending on if a connection can be made, which allows remote malicious users to conduct port scanning attacks via a host name and port in the cms parameter.
Sap Businessobjects Explorer 14.0.5
445
VMScore
CVE-2014-8316
XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 allows remote malicious users to read arbitrary files via the xmlParameter parameter in an explorationSpaceUpdate request.
Sap Businessobjects Explorer 14.0.5
445
VMScore
CVE-2010-3979
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote malicious users to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI.
Sap Businessobjects 3.2
445
VMScore
CVE-2010-3982
SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an &...
Sap Businessobjects 3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »