CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-16684

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile37.78th
Published2017年12月12日
Last Modified2026年5月13日

Vulnerability Description

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.

Affected Platforms (CPE)

📦
Sap

Business Intelligence Promotion Management Application

= 4.10
📦
Sap

Business Intelligence Promotion Management Application

= 4.20
📦
Sap

Business Intelligence Promotion Management Application

= 4.30

References & Advisories

🔗 http://www.securityfocus.com/bid/102147
🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
🔗 https://launchpad.support.sap.com/#/notes/2537152
🔗 http://www.securityfocus.com/bid/102147
🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
🔗 https://launchpad.support.sap.com/#/notes/2537152

相关漏洞威胁

CVE-2017-166816.1

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.3...

CVE-2017-332410.0

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone...

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2017-514510.0

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. S...