Skip to main content

Webfocus Business Intelligence

3 CVEs product

Monthly

CVE-2020-14204 HIGH This Week

In WebFOCUS Business Intelligence 8.0 (SP6), the administration portal allows remote attackers to read arbitrary local files or forge server-side HTTP requests via a crafted HTTP request to. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Webfocus Business Intelligence
NVD
CVSS 3.1
8.2
EPSS
1.9%
CVE-2020-14203 HIGH POC This Week

WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request Forgery (CSRF) attack against administrative users within the /ibi_apps/WFServlet(.ibfs) endpoint. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Webfocus Business Intelligence
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-14202 MEDIUM POC This Month

WebFOCUS Business Intelligence 8.0 (SP6) was prone to XSS via arbitrary URL parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webfocus Business Intelligence
NVD
CVSS 3.1
6.1
EPSS
0.7%
EPSS 2% CVSS 8.2
HIGH This Week

In WebFOCUS Business Intelligence 8.0 (SP6), the administration portal allows remote attackers to read arbitrary local files or forge server-side HTTP requests via a crafted HTTP request to. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Webfocus Business Intelligence
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request Forgery (CSRF) attack against administrative users within the /ibi_apps/WFServlet(.ibfs) endpoint. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Webfocus Business Intelligence
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

WebFOCUS Business Intelligence 8.0 (SP6) was prone to XSS via arbitrary URL parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webfocus Business Intelligence
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy