Lucene search

K
SapBusinessobjects3.2

6 matches found

CVE
CVE
added 2010/10/18 5:0 p.m.218 views

CVE-2010-0219

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.

10CVSS7.8AI score0.93449EPSS
CVE
CVE
added 2010/10/18 5:0 p.m.40 views

CVE-2010-3981

Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.

4.3CVSS5.8AI score0.00225EPSS
CVE
CVE
added 2010/10/18 5:0 p.m.38 views

CVE-2010-3982

SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an "internal port scanning" i...

5CVSS6.7AI score0.00283EPSS
CVE
CVE
added 2010/10/18 5:0 p.m.37 views

CVE-2010-3980

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI.

4CVSS6.4AI score0.0041EPSS
CVE
CVE
added 2010/10/18 5:0 p.m.35 views

CVE-2010-3979

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote attackers to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI.

5CVSS6.8AI score0.0025EPSS
CVE
CVE
added 2010/10/18 5:0 p.m.30 views

CVE-2010-3983

CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.

9CVSS6.6AI score0.0049EPSS