CyberSec.Space Logo
Back to CVE Browser

CVE-2018-2427

HIGH
8.8
CVSS Severity Score
EPSS Score0.0220%
EPSS Percentile27.03th
PublishedJul 10, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.

Affected Platforms (CPE)

πŸ“¦
Sap

Businessobjects Business Intelligence

= 4.10
πŸ“¦
Sap

Businessobjects Business Intelligence

= 4.20
πŸ“¦
Sap

Crystal Reports

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/104715
πŸ”— https://launchpad.support.sap.com/#/notes/2620738
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000
πŸ”— http://www.securityfocus.com/bid/104715
πŸ”— https://launchpad.support.sap.com/#/notes/2620738
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000

Related Vulnerabilities

CVE-2018-24459.6

AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable applic...

CVE-2018-24428.8

In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad...

CVE-2019-03988.8

Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions ...

CVE-2019-02688.1

SAP BusinessObjects Business Intelligence Platform (CMC Module), versions 4.10, 4.20 and 4.30, does not sufficiently validate an X...