CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-6219

HIGH
8.8
CVSS Severity Score
EPSS Score0.0630%
EPSS Percentile44.65th
Published2020年4月14日
Last Modified2024年11月21日

Vulnerability Description

SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform deserialization attack in the application, leading to service interruptions and denial of service and unauthorized execution of arbitrary commands, leading to Deserialization of Untrusted Data.

Affected Platforms (CPE)

📦
Sap

Businessobjects Business Intelligence Platform

= 4.1
📦
Sap

Businessobjects Business Intelligence Platform

= 4.2
📦
Sap

Crystal Reports For Visual Studio

= 2010

References & Advisories

🔗 https://launchpad.support.sap.com/#/notes/2863731
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
🔗 https://launchpad.support.sap.com/#/notes/2863731
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

関連する脆弱性情報

CVE-2019-03988.8

Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions ...

CVE-2019-02688.1

SAP BusinessObjects Business Intelligence Platform (CMC Module), versions 4.10, 4.20 and 4.30, does not sufficiently validate an X...

CVE-2019-02877.6

Under certain conditions SAP BusinessObjects Business Intelligence platform (Central Management Server), versions 4.2 and 4.3, all...

CVE-2018-24717.5

Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an attacker to access information...