Lucene search

[email protected]CVE-2010-3983

HistoryOct 18, 2010 - 5:00 p.m.

CVE-2010-3983

2010-10-1817:00:04

CWE-264

[email protected]

web.nvd.nist.gov

cve-2010-3983

cmcapp

sap

businessobjects

enterprise xi 3.2

remote authenticated

privileges

program job server

program login

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.9%

JSON

CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.

Affected configurations

NVD

Node

sapbusinessobjectsMatch3.2enterprise_xi

CPENameOperatorVersion
sap:businessobjectssap businessobjectseq3.2

CPE	Name	Operator	Version
sap:businessobjects	sap businessobjects	eq	3.2

References

osvdb.org/68682

spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.9%

JSON

Related for CVE-2010-3983

cvelist1 nvd1 prion1