Skip to main content

Businessobjects Web Intelligence

4 CVEs product

Monthly

CVE-2024-25646 MEDIUM PATCH This Month

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure SAP Businessobjects Web Intelligence
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-42476 MEDIUM This Month

SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Businessobjects Web Intelligence
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2023-42474 MEDIUM This Month

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Businessobjects Web Intelligence
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2021-33667 MEDIUM This Month

Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Businessobjects Web Intelligence
NVD
CVSS 3.1
4.3
EPSS
0.7%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure SAP Businessobjects Web Intelligence
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Businessobjects Web Intelligence
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Businessobjects Web Intelligence
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Businessobjects Web Intelligence
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy