CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-16684

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile37.78th
Published2017年12月12日
Last Modified2026年5月13日

Vulnerability Description

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.

Affected Platforms (CPE)

📦
Sap

Business Intelligence Promotion Management Application

= 4.10
📦
Sap

Business Intelligence Promotion Management Application

= 4.20
📦
Sap

Business Intelligence Promotion Management Application

= 4.30

References & Advisories

🔗 http://www.securityfocus.com/bid/102147
🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
🔗 https://launchpad.support.sap.com/#/notes/2537152
🔗 http://www.securityfocus.com/bid/102147
🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
🔗 https://launchpad.support.sap.com/#/notes/2537152

関連する脆弱性情報

CVE-2017-166816.1

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.3...

CVE-2017-278510.0

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially cra...

CVE-2017-278810.0

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet ...

CVE-2017-522610.0

When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioc...