5 matches found
SAP BusinessObjects Business Intelligence Platform Multiple Vulnerabilities (3287120)
The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is affected by a multiple vulnerabilities: - SSRF, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools CVE-2023-27271 - SSRF, n attack...
CVE-2023-27894
creationtimestamp| type| source ---|---|--- 2023-03-14 12:54:03+00:00| seen| https://t.me/cibsecurity/59947 2025-02-27 18:27:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5742...
CVE-2023-27894 Sensitive Information Disclosure in the SAP BusinessObjects Business Intelligence platform
SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal...
CVE-2023-27894
CVE-2023-27894 affects SAP BusinessObjects BI Platform (Web Services) versions 420 and 430. The issue allows injecting arbitrary values into CMS parameters to perform internal-network lookups, enabling information disclosure and potential follow-on attacks (internal scanning, remote file inclusio...
CVE-2023-27894 Sensitive Information Disclosure in the SAP BusinessObjects Business Intelligence platform
SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal...