Описание
SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905.
Ссылки
- Third Party AdvisoryVDB Entry
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:businessobjects_edge:4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09493
Низкий
9.8 Critical
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905.
EPSS
Процентиль: 93%
0.09493
Низкий
9.8 Critical
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-287