CVE-2015-2075
SAP Business Objects Unauthorized Audit Information Delete
Public Exploits: 0
Exploited in Wild: -
Descriptions
SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.
It is possible for an unauthenticated user to remove audit events from a remote BusinessObjects service using CORBA. Specifically, the attacker can tell the remote service (i.e. the auditee) to clear an event from its queue. After the event is removed from the auditee queue, the auditor will never have knowledge of the event and, hence, it will not be written to the Audit database. An attacker can use this to hide their actions. By default, the auditor polls all auditees every 5 minutes to ask for events in their queue.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-02-24 CVE Reserved
- 2015-02-25 CVE Published
- 2024-08-06 CVE Updated
- 2024-12-17 EPSS Updated
CWE
- CWE-264: Permissions, Privileges, and Access Controls
References (4)
URL | Tag | Source |
---|---|---|
http://packetstormsecurity.com/files/130522/SAP-Business-Objects-Unauthorized-Audit-Information-Delete.html | Third Party Advisory | |
http://seclists.org/fulldisclosure/2015/Feb/95 | Mailing List | |
http://www.securityfocus.com/archive/1/534751/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/72778 | Third Party Advisory | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Sap | Businessobjects Edge | 4.0 | - | Affected |