Vulnerability in Sap Businessobjects_business_intelligence
CVE-2019-0333
In some situations, when a client cancels a query in SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.2, 4.3, the attacker can then query and receive the whole data set instead of just what is part of their…
EPSS: 0.011 (62.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Sap Businessobjects_business_intelligence — versions 4.2
- Sap Se Businessobjects Business Intelligence Platform (Web Intelligence) — versions < 4.2
References
- cna@sap.com (x_refsource_MISC, Vendor Advisory)
- cna@sap.com (Permissions Required, x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-0333?
- CVE-2019-0333 is a medium-severity vulnerability in Sap Businessobjects_business_intelligence. CVSS score: 6.5/10. Published 2019-08-14.
- How severe is CVE-2019-0333?
- Medium severity. CVSS v3 base score is 6.5 out of 10.