Описание
polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 replies with different timing depending on if a connection can be made, which allows remote attackers to conduct port scanning attacks via a host name and port in the cms parameter.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:businessobjects_explorer:14.0.5:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00516
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 replies with different timing depending on if a connection can be made, which allows remote attackers to conduct port scanning attacks via a host name and port in the cms parameter.
EPSS
Процентиль: 66%
0.00516
Низкий
5 Medium
CVSS2
Дефекты
CWE-200