Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects business intelligence vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2019-0395
SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad), before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability.
Sap Businessobjects Business Intelligence Platform
1 Article
NA
CVE-2022-39014
Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console (CMC) - version 430, allows an malicious user to access certain unencrypted sensitive parameters which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-42472
Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticate...
Sap Businessobjects Business Intelligence Platform 420
5
CVSSv2
CVE-2020-6189
Certain settings page(s) in SAP Business Objects Business Intelligence Platform (CMC), version 4.2, generates error messages that can give enterprise private-network related information which would otherwise be restricted leading to Information Disclosure.
Sap Businessobjects Business Intelligence Platform 4.2
4.3
CVSSv2
CVE-2020-6216
SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
3.5
CVSSv2
CVE-2020-6231
SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
4.6
CVSSv2
CVE-2020-6245
SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.
Sap Businessobjects Business Intelligence Platform 4.2
5
CVSSv2
CVE-2020-6247
SAP Business Objects Business Intelligence Platform, version 4.2, allows an unauthenticated malicious user to prevent legitimate users from accessing a service. Using a specially crafted request, the attacker can crash or flood the Central Management Server, thereby impacting sys...
Sap Businessobjects Business Intelligence Platform 4.2
5
CVSSv2
CVE-2020-6251
Under certain conditions or error scenarios SAP Business Objects Business Intelligence Platform, version 4.2, allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 4.2
3.5
CVSSv2
CVE-2020-6257
SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad) 4.2 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »