VulnCheck KEV: CVE-2020-6308

SAP BusinessObjects Business Intelligence Platform Web Services versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker...

CVE-2023-27894 Sensitive Information Disclosure in the SAP BusinessObjects Business Intelligence platform

SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal...

CVE-2020-6308

SAP BusinessObjects Business Intelligence Platform Web Services versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker c...

PT-2020-19084 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform Web Services versions 410, 420, 430 Description: The issue allows an unauthenticated attacker to inject arbitrary values as CMS parameters, enabling them to perform lookups on the internal...