18 matches found
EUVD-2022-41561
Malicious code in bioql PyPI...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2022-39015
Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted...
CVE-2023-27896
In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability...
CVE-2023-27271
In SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools, leading to a high impact on availability...
CVE-2023-27896 Server Side Request Forgery (SSRF) in the SAP BusinessObjects Business Intelligence platform
In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability...
CVE-2022-39015
Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted...
CVE-2022-39015
Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted...
CVE-2022-39015
Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted...
Authentication flaw
Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted...
CVE-2022-39015
CVE-2022-39015 affects SAP BusinessObjects Business Intelligence Platform via BOE AdminTools/BOE SDK. Under certain conditions, an attacker can access information that should be restricted (validated by NVD entry and related Red Hat/CNVD entries). CVSSv3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, ba...
CVE-2022-39015
Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted...
PT-2022-24671 · Boe Sdk +1 · Boe Sdk +1
Name of the Vulnerable Software and Affected Versions: BOE AdminTools/ BOE SDK affected versions not specified Description: The issue allows an attacker to access restricted information under certain conditions. Recommendations: At the moment, there is no information about a newer version that...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
Authentication flaw
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2022-32244
CVE-2022-32244 describes an authentication-related issue in SAP BusinessObjects BI Platform where an attacker authenticated as a CMS administrator can access and modify data in the BOE Commentary database. Under certain conditions and with high-privilege access on the same physical/logical networ...