CVE-2023-40622

SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application...

EUVD-2021-27673

Malicious code in bioql PyPI...

CVE-2023-30740

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality, limited impact on integrity and availability of the...

CVE-2023-27271

In SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools, leading to a high impact on availability...

PT-2023-6626 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform Promotion Management versions 420, 430 Description: The issue is related to insufficient protection of service data, which can be exploited by a remote attacker to impact the confidentiality,...

CVE-2023-37490

SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the...

CVE-2023-30741

Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited...

CVE-2023-30740

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality, limited impact on integrity and availability of the...

SAP BusinessObjects Business Intelligence Platform 信息泄露漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

PYSEC-2023-315

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and deploy...

SAP Business Objects 代码问题漏洞

SAP Business Objects is a business intelligence suite from SAP, Germany. A security vulnerability exists in SAP Business Objects Platform versions 420 and 430, which stems from a vulnerability that allows an attacker with normal BI user privileges to upload/replace any file on the Business Object...

CVE-2022-39800

SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the network. On successful exploitation, an attacker can view or modify information causing a limited...

SAP BusinessObjects BI LaunchPad 跨站脚本漏洞

SAP BusinessObjects BI LaunchPad is a standard Web portal for users of the SAP BusinessObjects Business Intelligence BI platform from SAP. A code execution vulnerability exists in SAP BusinessObjects BI LaunchPad versions 420 and 430, which stems from failure to properly clean up user input when...

CVE-2022-31591

SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service...

SAP BusinessObjects BW Publisher Service 代码问题漏洞

SAP BusinessObjects BW Publisher Service is a model-driven data warehouse product from SAP Germany. An elevation of privilege vulnerability exists in versions 420 and 430 of the SAP BusinessObjects BW Publisher Service, which stems from the use of search paths that contain un-referenced elements,...

CVE-2022-22541

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate users to access information they shouldn't see through relational or OLAP connections. The main impact is the disclosure of company data to people that shouldn't or don't need to have access...

CVE-2022-24398

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted...

CVE-2022-24398

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted...

CVE-2021-33667

Under certain conditions, SAP Business Objects Web Intelligence BI Launchpad versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted...