SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user over the network without any user interaction. The attacker can impersonate any user on the platform resulting into accessing and modifying data. The attacker can also make the system partially or entirely unavailable.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HSap Businessobjects Business Intelligence
APPSap420430
Powiązane podatności
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain c...
An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management)...
AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate t...
SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store...
SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted re...