12 matches found
CVE-2023-40622
SAP BusinessObjects Business Intelligence Platform Promotion Management - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application...
CVE-2023-30740
SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality, limited impact on integrity and availability of the...
CVE-2023-27271
In SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools, leading to a high impact on availability...
PT-2023-6626 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform Promotion Management versions 420, 430 Description: The issue is related to insufficient protection of service data, which can be exploited by a remote attacker to impact the confidentiality,...
PYSEC-2023-315
SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...
SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and deploy...
SAP Business Objects 代码问题漏洞
SAP Business Objects is a business intelligence suite from SAP, Germany. A security vulnerability exists in SAP Business Objects Platform versions 420 and 430, which stems from a vulnerability that allows an attacker with normal BI user privileges to upload/replace any file on the Business Object...
CVE-2022-39800
SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the network. On successful exploitation, an attacker can view or modify information causing a limited...
SAP BusinessObjects BI LaunchPad 跨站脚本漏洞
SAP BusinessObjects BI LaunchPad is a standard Web portal for users of the SAP BusinessObjects Business Intelligence BI platform from SAP. A code execution vulnerability exists in SAP BusinessObjects BI LaunchPad versions 420 and 430, which stems from failure to properly clean up user input when...
SAP BusinessObjects BW Publisher Service 代码问题漏洞
SAP BusinessObjects BW Publisher Service is a model-driven data warehouse product from SAP Germany. An elevation of privilege vulnerability exists in versions 420 and 430 of the SAP BusinessObjects BW Publisher Service, which stems from the use of search paths that contain un-referenced elements,...
CVE-2022-22541
SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate users to access information they shouldn't see through relational or OLAP connections. The main impact is the disclosure of company data to people that shouldn't or don't need to have access...
CVE-2022-24398
Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted...