Lucene search
K

206 matches found

Prion
Prion
added 2020/02/12 8:15 p.m.20 views

Information disclosure

Certain settings pages in SAP Business Objects Business Intelligence Platform CMC, version 4.2, generates error messages that can give enterprise private-network related information which would otherwise be restricted leading to Information Disclosure...

5CVSS5.2AI score0.00878EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/01/08 12:0 a.m.1 views

Command Execution Vulnerability in CBoard

CBoard is a self-help BI data analysis platform led by Shanghai Chugo Information Technology Co. CBoard has a command execution vulnerability that can be exploited by attackers to execute malicious code...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2019/12/16 11:30 a.m.81 views

TheTHE - Simple, Shareable, Team-Focused And Expandable Threat Hunting Experience

TheTHE is an environment intended to help analysts and hunters over the early stages of their work in an easier, unified and quicker way. One of the major drawbacks when dealing with a hunting is the collection of information available on a high number of sources, both public and private. All thi...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2019/12/11 12:0 a.m.2 views

SAP Business Objects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2019-46442)

SAP Business Objects Business Intelligence Platform is a suite of bookstore intelligence software and enterprise performance solutions from Germany's SAP. The product features report generation, analytics and data visualization. A cross-site scripting vulnerability exists in SAP BusinessObjects...

5.4CVSS6.3AI score0.00733EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/11 12:0 a.m.3 views

SAP Business Objects Business Intelligence Platform Cross-Site Request Forgery Vulnerability

SAP Business Objects Business Intelligence Platform is a suite of bookstore intelligence software and enterprise performance solutions from Germany's SAP. The product features report generation, analytics and data visualization. A cross-site request forgery vulnerability exists in SAP...

8.8CVSS6.8AI score0.00454EPSS
Exploits0References1
OSV
OSV
added 2019/10/08 8:15 p.m.4 views

CVE-2019-0374

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting in reflected Cross-Site Scripting...

5.4CVSS6.2AI score0.00733EPSS
Exploits0References2
OSV
OSV
added 2019/09/10 5:15 p.m.7 views

CVE-2019-0352

In SAP Business Objects Business Intelligence Platform, before versions 4.1, 4.2 and 4.3, some dynamic pages like jsp are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout...

7.5CVSS7.1AI score0.01082EPSS
Exploits0References2
NVD
NVD
added 2019/08/14 2:15 p.m.17 views

CVE-2019-0334

When creating a module in SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other...

5.4CVSS5.5AI score0.00685EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/01 12:0 a.m.4 views

SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2019-25982)

SAP BusinessObjects Business Intelligence Platform is a suite of bookstore intelligence software and enterprise performance solutions from Germany's SAP. The product features report generation, analytics and data visualization. A cross-site scripting vulnerability exists in SAP BusinessObjects...

6.1CVSS6.5AI score0.01325EPSS
Exploits0References1
Prion
Prion
added 2019/06/14 7:29 p.m.11 views

Code injection

SAP BusinessObjects Business Intelligence Platform Administration Console, versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an attacker to build a special url that execute custom JavaScript co...

4.3CVSS6.3AI score0.008EPSS
Exploits0References2Affected Software1
Carbon Black Blog
Carbon Black Blog
added 2019/03/19 12:53 p.m.77 views

Partner Perspectives: Stay Proactive with Automated Threat Blocking from Carbon Black and IntSights

Alon Yotvat is a Senior Solutions Architect for IntSights. Carbon Black and IntSights have joined forces to combine next-gen endpoint security solutions with powerful external threat intelligence. This potent integration of cybersecurity technologies gives enterprises the protection they need to...

0.7AI score
Exploits0
Cvelist
Cvelist
added 2019/03/12 10:0 p.m.27 views

CVE-2019-0268

SAP BusinessObjects Business Intelligence Platform CMC Module, versions 4.10, 4.20 and 4.30, does not sufficiently validate an XML document accepted from an untrusted source...

8.2AI score0.022EPSS
Exploits0References3
OSV
OSV
added 2019/02/21 5:29 p.m.2 views

CVE-2018-1945

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click...

6.1CVSS5.8AI score0.01213EPSS
Exploits0References2
CNVD
CNVD
added 2019/02/15 12:0 a.m.3 views

SAP BusinessObjects Business Intelligence Platform Arbitrary File Upload Vulnerability

SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. An arbitrary file upload vulnerability exists in SAP BusinessObjects...

9.8CVSS7.2AI score0.02016EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/16 12:0 a.m.3 views

SAP BusinessObjects Business Intelligence Platform Server Denial of Service Vulnerability

SAP BusinessObjects Business Intelligence Platform Servers is a suite of business intelligence software and enterprise performance solutions. The product features report generation, analytics, data visualization, and more. A denial of service vulnerability exists in SAP BusinessObjects Business...

6.5CVSS6.7AI score0.01533EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/15 12:0 a.m.2 views

SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting Vulnerability

SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from Germany's SAP, which features report generation, analytics, data visualization, and more. A cross-site scripting vulnerability in SAP BusinessObjects Business...

6.1CVSS6.1AI score0.01325EPSS
Exploits0References1
NVD
NVD
added 2018/11/13 8:29 p.m.23 views

CVE-2018-2483

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

4.3CVSS4.7AI score0.00888EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/11/13 8:0 p.m.25 views

CVE-2018-2473

SAP BusinessObjects Business Intelligence Platform Server, versions 4.1 and 4.2, when using Web Intelligence Richclient 3 tiers mode gateway allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...

6.5AI score0.01533EPSS
Exploits0References3
CVE
CVE
added 2018/11/13 8:0 p.m.51 views

CVE-2018-2473

CVE-2018-2473 affects SAP BusinessObjects Business Intelligence Platform Server (versions 4.1 and 4.2) when using Web Intelligence Rich Client 3-tier gateway. The vulnerability enables an attacker to prevent legitimate users from accessing a service, either by crashing or flooding it, implying a ...

6.5CVSS6.4AI score0.01533EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/10/09 1:29 p.m.6 views

CVE-2018-2471

Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an attacker to access information which would otherwise be restricted...

7.5CVSS5.8AI score0.01728EPSS
Exploits0References3
Rows per page
Query Builder