Lucene search
+L

35 matches found

NVD
NVD
added 2023/04/11 3:15 a.m.26 views

CVE-2023-28765

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user,...

9.8CVSS9.5AI score0.14942EPSS
Exploits0References2
CVE
CVE
added 2023/04/11 2:53 a.m.105 views

CVE-2023-28765

CVE-2023-28765 concerns SAP BusinessObjects Business Intelligence Platform (Promotion Management) prior to patch versions; specifically 420 and 430. The root cause involves handling of the internal file lcmbiar , enabling a basic-privilege attacker to access and decrypt the file, potentially expo...

9.8CVSS9.5AI score0.14942EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/11 2:53 a.m.7 views

CVE-2023-28765 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management )

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user,...

9.8CVSS6.9AI score0.14942EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/11 2:53 a.m.36 views

CVE-2023-28765 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management )

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user,...

9.8CVSS9.6AI score0.14942EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.12 views

PT-2023-21947 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform Promotion Management versions 420, 430 Description: An attacker with basic privileges can access the lcmbiar file and decrypt it, potentially gaining access to BI user passwords. Depending on...

9.8CVSS9.3AI score0.14942EPSS
Exploits0References7
OSV
OSV
added 2017/12/12 2:29 p.m.3 views

CVE-2017-16681

Cross-Site Scripting XSS vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded...

6.1CVSS5.8AI score0.00961EPSS
Exploits0References3
NVD
NVD
added 2017/12/12 2:29 p.m.14 views

CVE-2017-16684

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...

9.8CVSS9.7AI score0.02499EPSS
Exploits0References3
Prion
Prion
added 2017/12/12 2:29 p.m.17 views

Authentication flaw

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...

7.5CVSS9.6AI score0.02499EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/12/12 2:29 p.m.5 views

CVE-2017-16684

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...

9.8CVSS5.8AI score0.02499EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/12/12 2:0 p.m.21 views

CVE-2017-16684

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...

9.7AI score0.02499EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/12/12 2:0 p.m.18 views

CVE-2017-16681

Cross-Site Scripting XSS vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded...

6AI score0.00961EPSS
Exploits0References3
CVE
CVE
added 2017/12/12 2:0 p.m.51 views

CVE-2017-16681

CVE-2017-16681 affects SAP Business Intelligence Promotion Management Application Enterprise (versions 4.10, 4.20, 4.30). The issue is a Cross-Site Scripting (XSS) vulnerability where user-controlled inputs are not sufficiently encoded, enabling arbitrary code execution in a victim’s browser. Con...

6.1CVSS5.9AI score0.00961EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/12/12 2:0 p.m.51 views

CVE-2017-16684

The CVE-2017-16684 entry concerns SAP Business Intelligence Promotion Management Application (Enterprise editions 4.10, 4.20, 4.30) where authentication checks are not performed for functions requiring user identity. Connected sources corroborate an authentication bypass affecting Promotion Manag...

9.8CVSS9.6AI score0.02499EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/11/15 12:0 a.m.6 views

SAP Business Intellignece Promotion Management Application Enterprise Cross-Site Scripting Vulnerability

SAP Business Intellignece BI is a set of business intelligence software from SAP, which provides report query, data analysis, data mining, data backup and recovery, etc. Promotion Management Application Enterprise is one of the enterprise promotion Management Application Enterprise is one of the...

6.1CVSS6.8AI score0.00961EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/15 12:0 a.m.5 views

SAP Business Intelligence Promotion Management Application Security Bypass Vulnerability

SAP Business Intellignece BI is a set of business intelligence software from SAP, which provides report query, data analysis, data mining, data backup and recovery, etc. Promotion Management Application Enterprise is one of the enterprise promotion Management Application Enterprise is one of the...

9.8CVSS6.9AI score0.02499EPSS
Exploits0References1
Rows per page
Query Builder