Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business objects vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-6242
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an malicious user to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificat...
Sap Businessobjects Business Intelligence Platform 1.0
Sap Businessobjects Business Intelligence Platform 2.0
Sap Businessobjects Business Intelligence Platform 2.1
Sap Businessobjects Business Intelligence Platform 2.2
Sap Businessobjects Business Intelligence Platform 2.3
1 Article
9.8
CVSSv3
CVE-2020-6195
SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext password in the response, leading to Information Disclosure. It involves social engineering in order to gain access to system and If password is known, it would give administrative rights...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
9.1
CVSSv3
CVE-2020-6294
Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity.
Sap Businessobjects Business Intelligence Platform 4.3
Sap Businessobjects Business Intelligence Platform 4.2
9
CVSSv3
CVE-2023-37490
SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
8.8
CVSSv3
CVE-2023-25616
In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an malicious user to gain access to resources that are allowed by extra privileges. Successful atta...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
1 Article
8.8
CVSSv3
CVE-2023-25617
SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom applicati...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
1 Article
8.8
CVSSv3
CVE-2022-41267
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the malicious user to take full control of the system causing a high impact on co...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
8.8
CVSSv3
CVE-2020-6219
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform deserialization attack in the application, leading to service interruptions and ...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Crystal Reports For Visual Studio 2010
1 Article
8.2
CVSSv3
CVE-2020-6208
SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the malicious user to control the behaviour of the application, leading ...
Sap Crystal Reports 4.1
Sap Crystal Reports 4.2
7.6
CVSSv3
CVE-2023-42478
SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an malicious user to upload agnostic documents in the system which when opened by any other user could lead to high impact on integrity of the application.
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »