CVE-2024-41730 – Missing Authentication check in SAP BusinessObjects Business Intelligence Platform
https://notcve.org/view.php?id=CVE-2024-41730
In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability. • https://me.sap.com/notes/3479478 https://url.sap/sapsecuritypatchday • CWE-862: Missing Authorization •
CVE-2024-34684 – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Scheduling)
https://notcve.org/view.php?id=CVE-2024-34684
On Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) allows an authenticated attacker with administrator access on the local server to access the password of a local account. As a result, an attacker can obtain non-administrative user credentials, which will allow them to read or modify the remote server files. En Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) permite que un atacante autenticado con acceso de administrador en el servidor local acceda a la contraseña de una cuenta local. Como resultado, un atacante puede obtener credenciales de usuario no administrativas, que le permitirán leer o modificar los archivos del servidor remoto. • https://me.sap.com/notes/3441817 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-33004 – Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices)
https://notcve.org/view.php?id=CVE-2024-33004
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on Confidentiality, Integrity and Availability of the application. SAP Business Objects Business Intelligence Platform es vulnerable al almacenamiento inseguro, ya que las páginas web dinámicas se almacenan en caché incluso después de cerrar la sesión. Si la explotación tiene éxito, el atacante puede ver la información confidencial a través del caché y abrir las páginas, lo que provoca un impacto limitado en la confidencialidad, la integridad y la disponibilidad de la aplicación. • https://me.sap.com/notes/3449093 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html • CWE-524: Use of Cache Containing Sensitive Information CWE-922: Insecure Storage of Sensitive Information •
CVE-2024-28165 – Cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform
https://notcve.org/view.php?id=CVE-2024-28165
SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to manipulate a parameter in the Opendocument URL which could lead to high impact on Confidentiality and Integrity of the application La plataforma SAP Business Objects Business Intelligence es vulnerable al XSS almacenado, lo que permite a un atacante manipular un parámetro en la URL de Opendocument, lo que podría tener un alto impacto en la confidencialidad y la integridad de la aplicación. • https://me.sap.com/notes/3431794 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-27271 – Server Side Request Forgery (SSRF) in the SAP BusinessObjects Business Intelligence platform
https://notcve.org/view.php?id=CVE-2023-27271
In SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools, leading to a high impact on availability. • https://launchpad.support.sap.com/#/notes/3287120 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-918: Server-Side Request Forgery (SSRF) •