CVE-2022-41267

CVE-2022-41267 affects SAP BusinessObjects Platform 4.2 (420) and 4.3 (430). A server‑side request forgery vulnerability lets an attacker with normal BI user privileges upload/replace any file on the server at the OS level, enabling full system control and causing high impact to confidentiality, ...

CVE-2022-41267

SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrit...

CVE-2022-41267

SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrit...

PT-2022-25778 · Sap · Sap Businessobjects Bi Platform

Name of the Vulnerable Software and Affected Versions: SAP Business Objects Platform versions 420, and 430 Description: The issue allows an attacker with normal BI user privileges to upload or replace any file on the Business Objects server at the operating system level. This enables the attacker...

SAP Business Objects 代码问题漏洞

SAP Business Objects is a business intelligence suite from SAP, Germany. A security vulnerability exists in SAP Business Objects Platform versions 420 and 430, which stems from a vulnerability that allows an attacker with normal BI user privileges to upload/replace any file on the Business Object...

CVE-2022-41263

Due to a missing authentication check, SAP Business Objects Business Intelligence Platform Web Intelligence - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the...

Authentication flaw

Due to a missing authentication check, SAP Business Objects Business Intelligence Platform Web Intelligence - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the...

CVE-2022-41263

CVE-2022-41263 affects SAP BusinessObjects Business Intelligence Platform (Web Intelligence) v4.2/v4.3 (420, 430). Root cause: missing authentication check allows an authenticated non-administrator to modify data source information for a restricted document, yielding a limited integrity impact. N...

CVE-2022-41263

Due to a missing authentication check, SAP Business Objects Business Intelligence Platform Web Intelligence - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the...

SAP Business Objects Business Intelligence Platform 跨站请求伪造漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. A cross-site request forgery vulnerability exists in SAP Business...

Veeam Backup for Cloud Solutions Potential Data Loss

Challenge Possible data loss in backups created. Affected product versions: Veeam Backup for AWS 5.0.0.452 Veeam Backup for AWS 5.1.0.39 Veeam Backup for Microsoft Azure 4.0.0.679 Veeam Backup for Google Cloud 3.0.0.859 Cause While creating backups to object storage, data loss may occur within th...

CVE-2022-1606

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

CVE-2022-1606

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

CVE-2022-1606

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

Design/Logic Flaw

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

CVE-2022-1606 Incorrect privilege assignment in M-Files Server

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

CVE-2022-1606 Incorrect privilege assignment in M-Files Server

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 22.3.11164.0, 22.3.11237.1 and prior to 22.3.11237.1, which stems from incorrect privilege assignment. An attacker could exploit the vulnerability to read...

PT-2022-14002

Name of the Vulnerable Software and Affected Versions M-Files Server versions prior to 22.3.11164.0 M-Files Server versions prior to 22.3.11237.1 Description The issue is related to incorrect privilege assignment, allowing a user to read unmanaged objects. Recommendations For versions prior to...

Oracle Linux 8 : kubernetes (ELSA-2022-10034)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10034 advisory. - Addresses CVE-2022-3294 & CVE-2022-3162 - Addresses CVE-2022-3172 olcne - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.21 - Resolv...