Описание
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
Ссылки
- Third Party AdvisoryVDB Entry
- Permissions Required
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Permissions Required
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:businessobjects_business_intelligence:4.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence:4.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:crystal_reports:-:*:*:*:*:visual_studio_.net_2010:*:*
EPSS
Процентиль: 70%
0.00643
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
EPSS
Процентиль: 70%
0.00643
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-94