When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HSap Businessobjects Business Intelligence Platform
APPSap420430
Powiązane podatności
SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject...
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platf...
SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate upl...
Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not pe...
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, all...