CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-16684

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile37.78th
Published2017年12月12日
Last Modified2026年5月13日

Vulnerability Description

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.

Affected Platforms (CPE)

📦
Sap

Business Intelligence Promotion Management Application

= 4.10
📦
Sap

Business Intelligence Promotion Management Application

= 4.20
📦
Sap

Business Intelligence Promotion Management Application

= 4.30

References & Advisories

🔗 http://www.securityfocus.com/bid/102147
🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
🔗 https://launchpad.support.sap.com/#/notes/2537152
🔗 http://www.securityfocus.com/bid/102147
🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
🔗 https://launchpad.support.sap.com/#/notes/2537152

相關漏洞威脅

CVE-2017-166816.1

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.3...

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2017-772210.0

In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with ...

CVE-2017-721310.0

Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops...