Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap businessobjects business intelligence platform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-6276
SAP Business Objects Business Intelligence Platform (bipodata), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
1 Article
4.3
CVSSv2
CVE-2020-6281
SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting reflected in Cross-Site Scripting.
Sap Businessobjects Business Intelligence Platform 4.2
1 Article
NA
CVE-2023-42472
Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticate...
Sap Businessobjects Business Intelligence Platform 420
5
CVSSv2
CVE-2020-6227
SAP Business Objects Business Intelligence Platform (CMS / Auditing issues), version 4.2, allows malicious user to send specially crafted GIOP packets to several services due to Improper Input Validation, allowing to forge additional entries in GLF log files.
Sap Businessobjects Business Intelligence Platform 4.2
3.5
CVSSv2
CVE-2020-6231
SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
5
CVSSv2
CVE-2020-6251
Under certain conditions or error scenarios SAP Business Objects Business Intelligence Platform, version 4.2, allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 4.2
4.3
CVSSv2
CVE-2022-27667
Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an malicious user to access information which would otherwise be restricted, leading to Information Disclosure.
Sap Businessobjects Business Intelligence Platform 430
3.5
CVSSv2
CVE-2021-42061
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This allows a low privileged malicious user to retrieve some data from the victim but w...
Sap Businessobjects Business Intelligence Platform 420
NA
CVE-2022-39014
Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console (CMC) - version 430, allows an malicious user to access certain unencrypted sensitive parameters which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 430
4.6
CVSSv2
CVE-2020-6245
SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.
Sap Businessobjects Business Intelligence Platform 4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »