CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42476 – Cross Site Scripting vulnerability in SAP BusinessObjects Web Intelligence
https://notcve.org/view.php?id=CVE-2023-42476
SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that the user has access to. In the worst case, attacker could access data from reporting databases. SAP Business Objects Web Intelligence: versión 420, permite a un atacante autenticado inyectar código JavaScript en documentos de Web Intelligence que luego se ejecuta en el navegador de la víctima cada vez que se visita la página vulnerable. La explotación exitosa puede llevar a la exposición de los datos a los que tiene acceso el usuario. • https://me.sap.com/notes/3382353 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42474 – Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence
https://notcve.org/view.php?id=CVE-2023-42474
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information. SAP BusinessObjects Web Intelligence - versión 420, tiene una URL con un parámetro que podría ser vulnerable a un ataque XSS. El atacante podría enviar un enlace malicioso a un usuario que posiblemente le permitiría recuperar información confidencial. • https://me.sap.com/notes/3372991 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40622 – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management)
https://notcve.org/view.php?id=CVE-2023-40622
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability. SAP BusinessObjects Business Intelligence Platform (Promotion Management): las versiones 420, 430, bajo ciertas condiciones, permiten a un atacante autenticado ver información sensible que de otro modo estaría restringida. En una explotación exitosa, el atacante puede comprometer completamente la aplicación causando un alto impacto en la confidencialidad, integridad y disponibilidad. • https://me.sap.com/notes/3320355 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40623 – Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer)
https://notcve.org/view.php?id=CVE-2023-40623
SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited impact on integrity and completely compromising the availability of the system. SAP BusinessObjects Suite Installer - versión 420, 430, permite a un atacante dentro de la red crear un directorio en un directorio temporal y vincularlo a un directorio con archivos del sistema operativo. En la explotación exitosa, el atacante puede eliminar todos los archivos del sistema operativo causando un impacto limitado en la integridad y comprometiendo completamente la disponibilidad del sistema. • https://me.sap.com/notes/3317702 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42472 – Insufficient File type validation in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)
https://notcve.org/view.php?id=CVE-2023-42472
Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticated attacker could intercept the request, modify the content type and the extension to read and modify sensitive data causing a high impact on confidentiality and integrity of the application. Debido a una validación insuficiente del tipo de archivo, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - versión 420, permite a un creador de informes cargar archivos desde el sistema local en el informe a través de la red. Al cargar el archivo de imagen, un atacante autenticado podría interceptar la solicitud, modificar el tipo de contenido y la extensión para leer y modificar datos confidenciales causando un alto impacto en la confidencialidad e integridad de la aplicación. • https://me.sap.com/notes/3370490 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-434: Unrestricted Upload of File with Dangerous Type •