Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects business intelligence platform vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2022-29619
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0018
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these rep...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
6.5
CVSSv2
CVE-2022-35169
SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the malicious user to modify the password or import the file into another s...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-24530
SAP BusinessObjects Business Intelligence Platform (CMC) - versions 420, 430, allows an authenticated admin user to upload malicious code that can be executed by the application over the network. On successful exploitation, attacker can perform operations that may completely comp...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
5.5
CVSSv2
CVE-2022-28213
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful e...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0020
SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated malicious user to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality and limited impact on integrit...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
NA
CVE-2023-0022
SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated malicious user to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform operations that may completely comprom...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
6.8
CVSSv2
CVE-2022-35228
SAP BusinessObjects CMC allows an unauthenticated malicious user to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social en...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
5
CVSSv2
CVE-2018-2471
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an malicious user to access information which would otherwise be restricted.
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.10
3.5
CVSSv2
CVE-2019-0377
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), prior to 4.2, does not sufficiently encode user-controlled inputs and allows an malicious user to store malicious scripts in the input controls, resulting in Stored Cross-Site Scripting.
Sap Businessobjects Business Intelligence Platform 4.0
Sap Businessobjects Business Intelligence Platform 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »