Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects business intelligence vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-0395
SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad), before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability.
Sap Businessobjects Business Intelligence Platform
1 Article
6.1
CVSSv3
CVE-2022-28216
SAP BusinessObjects Business Intelligence Platform (BI Workspace) - version 420, is susceptible to a Cross-Site Scripting attack by an unauthenticated attacker due to improper sanitization of the user inputs on the network. On successful exploitation, an attacker can access certa...
Sap Businessobjects Business Intelligence Platform 420
7.5
CVSSv3
CVE-2022-27667
Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an malicious user to access information which would otherwise be restricted, leading to Information Disclosure.
Sap Businessobjects Business Intelligence Platform 430
7.3
CVSSv3
CVE-2023-42472
Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticate...
Sap Businessobjects Business Intelligence Platform 420
5.3
CVSSv3
CVE-2022-39014
Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console (CMC) - version 430, allows an malicious user to access certain unencrypted sensitive parameters which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 430
6.1
CVSSv3
CVE-2020-6216
SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
7.5
CVSSv3
CVE-2020-6227
SAP Business Objects Business Intelligence Platform (CMS / Auditing issues), version 4.2, allows malicious user to send specially crafted GIOP packets to several services due to Improper Input Validation, allowing to forge additional entries in GLF log files.
Sap Businessobjects Business Intelligence Platform 4.2
6.5
CVSSv3
CVE-2020-6251
Under certain conditions or error scenarios SAP Business Objects Business Intelligence Platform, version 4.2, allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 4.2
5.4
CVSSv3
CVE-2020-6257
SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad) 4.2 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
5.3
CVSSv3
CVE-2020-6189
Certain settings page(s) in SAP Business Objects Business Intelligence Platform (CMC), version 4.2, generates error messages that can give enterprise private-network related information which would otherwise be restricted leading to Information Disclosure.
Sap Businessobjects Business Intelligence Platform 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »