Skip to main content

Business Intelligence Promotion Management Application

2 CVEs product

Monthly

CVE-2017-16684 CRITICAL Act Now

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Business Intelligence Promotion Management Application
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-16681 MEDIUM This Month

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS SAP Business Intelligence Promotion Management Application
NVD
CVSS 3.0
6.1
EPSS
0.4%
EPSS 1% CVSS 9.8
CRITICAL Act Now

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Business Intelligence Promotion Management Application
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS SAP Business Intelligence Promotion Management Application
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy