CyberSec.Space Logo
Back to CVE Browser

CVE-2017-16684

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile37.78th
PublishedDec 12, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.

Affected Platforms (CPE)

πŸ“¦
Sap

Business Intelligence Promotion Management Application

= 4.10
πŸ“¦
Sap

Business Intelligence Promotion Management Application

= 4.20
πŸ“¦
Sap

Business Intelligence Promotion Management Application

= 4.30

References & Advisories

πŸ”— http://www.securityfocus.com/bid/102147
πŸ”— https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
πŸ”— https://launchpad.support.sap.com/#/notes/2537152
πŸ”— http://www.securityfocus.com/bid/102147
πŸ”— https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
πŸ”— https://launchpad.support.sap.com/#/notes/2537152

Related Vulnerabilities

CVE-2017-166816.1

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.3...

CVE-2017-332410.0

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone...

CVE-2017-514510.0

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. S...

CVE-2017-796410.0

Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote att...