Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-41206
SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated malicious user to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there coul...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
6.5
CVSSv3
CVE-2022-29619
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
5
CVSSv3
CVE-2020-6218
Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an malicious user to access information that should otherwise be restricted, leading to Information Disclosure.
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
5.4
CVSSv3
CVE-2020-6222
SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface), versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
1 Article
4.8
CVSSv3
CVE-2020-6300
SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code to a different end user (victim), as it does not sufficiently encode user-controll...
Sap Businessobjects Business Intelligence Platform 4.2
Sap Businessobjects Business Intelligence Platform 4.3
5.4
CVSSv3
CVE-2020-6312
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), versions - 4.1, 4.2, allows an attacker with a non-administrative user account that can edit certain web page properties, can modify how a browser processes particular page elements, leading to ...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
7.5
CVSSv3
CVE-2021-40500
SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated malicious user to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploita...
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.30
7.1
CVSSv3
CVE-2023-0020
SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated malicious user to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality and limited impact on integrit...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
6.5
CVSSv3
CVE-2022-27671
A CSRF token visible in the URL may possibly lead to information disclosure vulnerability.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
7.8
CVSSv3
CVE-2022-31591
SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service
Sap Businessobjects Bw Publisher Service 420
Sap Businessobjects Bw Publisher Service 430
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »