CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-8310

HIGH
7.1
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile24.55th
Published2014年10月16日
Last Modified2026年5月6日

Vulnerability Description

The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows remote attackers to cause a denial of service (server shutdown) via crafted OSCAFactory::Session ORB message.

Affected Platforms (CPE)

📦
Sap

Businessobjects

= 4.0

References & Advisories

🔗 http://packetstormsecurity.com/files/128600/SAP-Business-Objects-Denial-Of-Service-Via-CORBA.html
🔗 http://scn.sap.com/docs/DOC-8218
🔗 http://seclists.org/fulldisclosure/2014/Oct/40
🔗 http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-030
🔗 http://www.securityfocus.com/archive/1/533646/100/0/threaded
🔗 http://www.securityfocus.com/bid/70308
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/96875
🔗 https://service.sap.com/sap/support/notes/2001106

関連する脆弱性情報

CVE-2015-773010.0

SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to caus...

CVE-2014-938710.0

SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges...

CVE-2010-021910.0

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a de...

CVE-2019-02599.8

SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) with...