Sap Businessobjects
14 CVEs affecting Sap Businessobjects. Latest disclosed: 2017-12-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-16683 | Medium | 6.5 | 2017-12-12 | Denial of Service (DOS) in SAP Business Objects Platform, Enterprise 4.10 and 4.20, that could allow an attacker to prevent legitimate users from accessing a s… |
CVE-2015-7730 | | 2015-10-15 | SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of… | |
CVE-2014-9387 | | 2014-12-17 | SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, ak… | |
CVE-2014-8311 | | 2014-10-16 | SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information via an InfoStore query to a CORBA listener. | |
CVE-2014-8310 | | 2014-10-16 | The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows remote attackers to cause a denial of service (server shutdown) via crafted OSCAFactory::Sessi… | |
CVE-2014-8309 | | 2014-10-16 | SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a failed logon attempt with different time delays depending on wh… | |
CVE-2014-8308 | | 2014-10-16 | Cross-site scripting (XSS) vulnerability in the Send to Inbox functionality in SAP BusinessObjects BI EDGE 4.0 allows remote attackers to inject arbitrary web… | |
CVE-2014-3134 | | 2014-04-30 | Cross-site scripting (XSS) vulnerability in the InfoView application in SAP BusinessObjects allows remote attackers to inject arbitrary web script or HTML via… | |
CVE-2010-3983 | | 2010-10-18 | CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Progr… | |
CVE-2010-3982 | | 2010-10-18 | SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensit… | |
CVE-2010-3981 | | 2010-10-18 | Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the Servic… | |
CVE-2010-3980 | | 2010-10-18 | Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a… | |
CVE-2010-3979 | | 2010-10-18 | Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, whi… | |
CVE-2010-0219 | | 2010-10-18 | Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for t… |