CVE-2019-0348

Опубликовано: 14 авг. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted.

Ссылки

https://launchpad.support.sap.com/#/notes/2751470
Permissions Required
Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2751470
Permissions Required
Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:businessobjects_business_intelligence:4.1:*:*:*:*:*:*:*

cpe:2.3:a:sap:businessobjects_business_intelligence:4.2:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00126

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-319

Связанные уязвимости

GHSA-mxqq-vq68-78hq

github

больше 3 лет назад