Businessobjects Business Intelligence Security Vulnerabilities and Issues — Businessobjects Business Intelligence CVE List

Lucene search

SapBusinessobjects Business Intelligence

4 matches found

CVE•added 2018/08/14 4:29 p.m.•45 views

CVE-2018-2442

In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.

8.8CVSS8.5AI score0.00215EPSS

CVE•added 2018/08/14 4:29 p.m.•40 views

CVE-2018-2447

SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database.

6.5CVSS6.5AI score0.00434EPSS

CVE•added 2018/08/14 4:29 p.m.•37 views

CVE-2018-2445

AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability.

9.6CVSS9.1AI score0.00224EPSS

CVE•added 2018/08/14 4:29 p.m.•36 views

CVE-2018-2446

Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.

7.5CVSS7.1AI score0.00744EPSS