CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-0268

HIGH
8.1
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile29.11th
Published2019年3月12日
Last Modified2024年11月21日

Vulnerability Description

SAP BusinessObjects Business Intelligence Platform (CMC Module), versions 4.10, 4.20 and 4.30, does not sufficiently validate an XML document accepted from an untrusted source.

Affected Platforms (CPE)

📦
Sap

Businessobjects Business Intelligence

= 4.1
📦
Sap

Businessobjects Business Intelligence

= 4.2
📦
Sap

Businessobjects Business Intelligence

= 4.3

References & Advisories

🔗 http://www.securityfocus.com/bid/107364
🔗 https://launchpad.support.sap.com/#/notes/2689259
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080
🔗 http://www.securityfocus.com/bid/107364
🔗 https://launchpad.support.sap.com/#/notes/2689259
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080

相关漏洞威胁

CVE-2018-24459.6

AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable applic...

CVE-2018-24278.8

SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, ...

CVE-2019-03988.8

Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions ...

CVE-2018-24428.8

In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad...