Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-0348
SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
6.1
CVSSv3
CVE-2018-2444
SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Financial Consolidation 10.1
Sap Businessobjects Financial Consolidation 10.0
5.4
CVSSv3
CVE-2022-41206
SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated malicious user to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there coul...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
4.9
CVSSv3
CVE-2022-35296
Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform (Version Management System) exposes sensitive information to an actor over the network with high privileges that is not explicitly authorized to have access to that information, leading t...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
5.4
CVSSv3
CVE-2021-33696
SAP BusinessObjects Business Intelligence Platform (Crystal Report), versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vulnerability, leading to non-permanently deface or modify displayed content from a...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
6.1
CVSSv3
CVE-2021-33697
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated malicious user to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
6.1
CVSSv3
CVE-2018-2431
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence 4.10
Sap Businessobjects Business Intelligence 4.20
9.6
CVSSv3
CVE-2018-2445
AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an malicious user to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
7.5
CVSSv3
CVE-2018-2446
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
Sap Businessobjects Business Intelligence 4.1
Sap Businessobjects Business Intelligence 4.2
5.3
CVSSv3
CVE-2018-2467
In the Software Development Kit in SAP BusinessObjects BI Platform Servers, versions 4.1 and 4.2, using the specially crafted URL in a Web Browser such as Chrome the system returns an error with the path of the used application server.
Sap Businessobjects Bi Platform 4.1
Sap Businessobjects Bi Platform 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »