
CVSS: 5.0 | EPSS: 0% | CPEs: 1 | EXPL: 1

SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an "internal port scanning" issue.

• http://osvdb.org/68681 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/62682
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 9.0 | EPSS: 0% | CPEs: 1 | EXPL: 1

CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.

• http://osvdb.org/68682 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf
• CWE-264: Permissions, Privileges, and Access Controls

CVSS: 5.0 | EPSS: 0% | CPEs: 1 | EXPL: 1

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote attackers to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI.

• http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 4.0 | EPSS: 0% | CPEs: 1 | EXPL: 1

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI.

• http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf

CVSS: 10.0 | EPSS: 97% | CPEs: 8 | EXPL: 7

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.

• https://www.exploit-db.com/exploits/16312 https://www.exploit-db.com/exploits/16315 https://www.exploit-db.com/exploits/15869 https://github.com/veritas-rt/CVE-2010-0219 http://retrogod.altervista.org/9sg_ca_d2d.html http://secunia.com/advisories/41799 http://secunia.com/advisories/42763 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf http://www.exploit-db.com/exploits/15869 http://www.kb.cert.org/vuls/id/989719 http://www.osvd
• CWE-255: Credentials Management Errors