Описание
In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability.
Ссылки
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability.
Уязвимость функционала единого входа (SSO) платформы бизнес-аналитики SAP BusinessObjects Business Intelligence, позволяющая нарушителю получить полный доступ к устройству
EPSS
9.8 Critical
CVSS3