Описание
SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated attacker to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there could be a limited impact on confidentiality and integrity of the application.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:businessobjects_business_intelligence:420:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence:430:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00403
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated attacker to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there could be a limited impact on confidentiality and integrity of the application.
EPSS
Процентиль: 60%
0.00403
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79