35 matches found
CVE-2023-28765
An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user,...
CVE-2023-28765
CVE-2023-28765 concerns SAP BusinessObjects Business Intelligence Platform (Promotion Management) prior to patch versions; specifically 420 and 430. The root cause involves handling of the internal file lcmbiar , enabling a basic-privilege attacker to access and decrypt the file, potentially expo...
CVE-2023-28765 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management )
An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user,...
CVE-2023-28765 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management )
An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user,...
PT-2023-21947 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform Promotion Management versions 420, 430 Description: An attacker with basic privileges can access the lcmbiar file and decrypt it, potentially gaining access to BI user passwords. Depending on...
CVE-2017-16681
Cross-Site Scripting XSS vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded...
CVE-2017-16684
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...
Authentication flaw
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...
CVE-2017-16684
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...
CVE-2017-16684
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...
CVE-2017-16681
Cross-Site Scripting XSS vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded...
CVE-2017-16681
CVE-2017-16681 affects SAP Business Intelligence Promotion Management Application Enterprise (versions 4.10, 4.20, 4.30). The issue is a Cross-Site Scripting (XSS) vulnerability where user-controlled inputs are not sufficiently encoded, enabling arbitrary code execution in a victim’s browser. Con...
CVE-2017-16684
The CVE-2017-16684 entry concerns SAP Business Intelligence Promotion Management Application (Enterprise editions 4.10, 4.20, 4.30) where authentication checks are not performed for functions requiring user identity. Connected sources corroborate an authentication bypass affecting Promotion Manag...
SAP Business Intellignece Promotion Management Application Enterprise Cross-Site Scripting Vulnerability
SAP Business Intellignece BI is a set of business intelligence software from SAP, which provides report query, data analysis, data mining, data backup and recovery, etc. Promotion Management Application Enterprise is one of the enterprise promotion Management Application Enterprise is one of the...
SAP Business Intelligence Promotion Management Application Security Bypass Vulnerability
SAP Business Intellignece BI is a set of business intelligence software from SAP, which provides report query, data analysis, data mining, data backup and recovery, etc. Promotion Management Application Enterprise is one of the enterprise promotion Management Application Enterprise is one of the...