CyberSec.Space Logo
Back to CVE Browser

CVE-2019-0268

HIGH
8.1
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile29.11th
PublishedMar 12, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

SAP BusinessObjects Business Intelligence Platform (CMC Module), versions 4.10, 4.20 and 4.30, does not sufficiently validate an XML document accepted from an untrusted source.

Affected Platforms (CPE)

πŸ“¦
Sap

Businessobjects Business Intelligence

= 4.1
πŸ“¦
Sap

Businessobjects Business Intelligence

= 4.2
πŸ“¦
Sap

Businessobjects Business Intelligence

= 4.3

References & Advisories

πŸ”— http://www.securityfocus.com/bid/107364
πŸ”— https://launchpad.support.sap.com/#/notes/2689259
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080
πŸ”— http://www.securityfocus.com/bid/107364
πŸ”— https://launchpad.support.sap.com/#/notes/2689259
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080

Related Vulnerabilities

CVE-2018-24459.6

AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable applic...

CVE-2018-24278.8

SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, ...

CVE-2019-03988.8

Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions ...

CVE-2018-24428.8

In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad...