Vulnerability in Sap Businessobjects_edge

CVE-2015-2075

SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.

EPSS: 0.012 (79.2th percentile) — read the EPSS interpretation.

Affected products

Sap Businessobjects_edge — versions 4.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

20150225 [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA (mailing-list, x_refsource_BUGTRAQ)
20150225 [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA (mailing-list, x_refsource_FULLDISC, Third Party Advisory, VDB Entry)
72778 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
cve@mitre.org (VDB Entry, Third Party Advisory, x_refsource_MISC)