Описание
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on Confidentiality, Integrity and Availability of the application.
Ссылки
- Permissions Required
- Patch
- Permissions Required
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:430:*:*:*:-:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:440:*:*:*:-:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-524
CWE-922
Связанные уязвимости
CVSS3: 4.3
github
больше 1 года назад
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on Confidentiality, Integrity and Availability of the application.
EPSS
Процентиль: 19%
0.00061
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-524
CWE-922