Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/15 12:0 a.m.41 views

SAP BusinessObjects Business Intelligence Platform Multiple Vulnerabilities (3287120)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is affected by a multiple vulnerabilities: - SSRF, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools CVE-2023-27271 - SSRF, n attack...

7.5CVSS6.7AI score0.00617EPSS
Exploits0References5
Circl
Circl
added 2023/03/14 12:54 p.m.6 views

CVE-2023-27894

creationtimestamp| type| source ---|---|--- 2023-03-14 12:54:03+00:00| seen| https://t.me/cibsecurity/59947 2025-02-27 18:27:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5742...

5.3CVSS5.5AI score0.00617EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/14 5:3 a.m.8 views

CVE-2023-27894 Sensitive Information Disclosure in the SAP BusinessObjects Business Intelligence platform

SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal...

5CVSS5.4AI score0.00617EPSS
Exploits0References2
CVE
CVE
added 2023/03/14 5:3 a.m.72 views

CVE-2023-27894

CVE-2023-27894 affects SAP BusinessObjects BI Platform (Web Services) versions 420 and 430. The issue allows injecting arbitrary values into CMS parameters to perform internal-network lookups, enabling information disclosure and potential follow-on attacks (internal scanning, remote file inclusio...

5.3CVSS5.3AI score0.00617EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/14 5:3 a.m.48 views

CVE-2023-27894 Sensitive Information Disclosure in the SAP BusinessObjects Business Intelligence platform

SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal...

5CVSS5.7AI score0.00617EPSS
Exploits0References2
Rows per page
Query Builder