Описание
SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application.
Ссылки
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.7 High
CVSS3
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application.
Уязвимость компонента Web Intelligence платформы бизнес-аналитики SAP BusinessObjects Business Intelligence, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
7.7 High
CVSS3
6.5 Medium
CVSS3