SAP Security Advisory version ENTERPRISE 430 - SAP Security Notes

 

Advisories for ENTERPRISE 430

Below you can find all Security Advisories that related to your search term.

Note Component Description CVSS Severity Patchday Initially released on Category Affected system type Valid for
3130497 BI-BIP-CMC [CVE-2022-27671] CSRF token visible in one of the URL in SAP Business Intelligence Platform. 8.2 High 2022-04 2022/04/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3055044 BI-DEV-WEB [CVE-2022-28213] Missing XML Validation vulnerability in SAP BusinessObjects Business Intelligence Platform (dswsbobje - SOAP Web services) 5.4 Medium 2022-04 2022/04/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3137191 BI-BIP-ADM [CVE-2022-22541] Information Disclosure vulnerability in SAP BusinessObjects Platform 6.8 Medium 2022-04 2022/04/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3233226 BI-BIP-LCM [CVE-2022-35296] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Version Management System) 6.8 Medium 2022-10 2022/10/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3145769 BI-BIP-ADM [CVE-2022-27667] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (CMC) 5.3 Medium 2022-04 2022/04/12 Program error BI/BO platform ENTERPRISE 430
2701027 BI-BIP-MON [CVE-2019-0398] Cross-Site Request Forgery (CSRF) vulnerability in SAP BusinessObjects Business Intelligence Platform (Monitoring application) 4.3 Medium 2019-12 2019/12/10 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
2998510 BI-BIP-INS [CVE-2022-28214] Central Management Server Information Disclosure in Business Intelligence Update 7.8 High 2022-05 2022/05/10 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2878507 BI-BIP-INV [CVE-2020-6195] Multiple vulnerabilities in SAP Business Objects Business Intelligence Platform 6.4 Medium 2020-04 2020/04/14 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
3211161 BI-BIP-INV [CVE-2022-39800] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (BI LaunchPad) 6.1 Medium 2022-10 2022/10/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3103424 BI-BIP-SL-ENG-OLA [CVE-2022-24398] Information Disclosure vulnerability in SAP Business Objects Business Intelligence Platform 5.0 Medium 2022-03 2022/03/08 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3229425 BI-RA-AWB [CVE-2022-41206] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform / Analysis for OLAP 5.4 Medium 2022-10 2022/10/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3239293 BI-BIP-ADM [CVE-2022-39015] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform(AdminTools/ Query Builder) 7.7 High 2022-10 2022/10/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3221288 BI-BIP-CMC [CVE-2022-35228] Information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console) 8.3 High 2022-07 2022/07/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3229132 BI-BIP-ADM [CVE-2022-39013] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Program Objects) 8.2 High 2022-10 2022/10/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3203079 BI-BIP-VD [CVE-2022-32246] SQL Injection vulnerability in SAP BusinessObjects Business Intelligence Platform (Visual Difference Application) 5.4 Medium 2022-07 2022/07/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3194361 BI-BIP-SRV [CVE-2022-35169] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (LCM) 6.0 Medium 2022-07 2022/07/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3167430 BI-BIP-IK-PAR-SAP [CVE-2022-31591] Privilege Escalation vulnerability in SAP BusinessObjects (BW Publisher Service) 5.6 Medium 2022-07 2022/07/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3169239 BI-BIP-ADM [CVE-2022-29619] Information Disclosure to user Administrator in SAP BusinessObjects Business Intelligence Platform 4.x 6.5 Medium 2022-07 2022/07/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3249648 BI-RA-WBI [CVE-2022-41263] Missing authentication check vulnerability in SAP Business Objects Business Intelligence Platform (Web intelligence) 4.3 Medium 2022-12 2022/12/13 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3239475 BI-BIP-SRV [CVE-2022-41267] Server-Side Request Forgery vulnerability in SAP BusinessObjects Business Intelligence Platform 9.9 Hot News 2022-12 2022/12/13 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3313484 BI-BIP-INV [CVE-2023-30740] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence platform 6.3 Medium 2023-05 2023/05/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3243924 BI-RA-WBI-FE [CVE-2022-41203] Insecure Deserialization of Untrusted Data in SAP BusinessObjects Business Intelligence Platform (Central Management Console and BI Launchpad) 9.9 Hot News 2022-11 2022/11/08 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3309935 BI-BIP-INV [CVE-2023-30741] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform 6.1 Medium 2023-05 2023/05/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2989075 BI-RA-CR-VW [CVE-2020-26831] Missing XML Validation in SAP BusinessObjects Business Intelligence Platform (Crystal Report) 9.6 Hot News 2020-12 2020/12/08 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
3210823 BI-BIP-INV [CVE-2022-32245] Information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Open Document) 8.2 High 2022-08 2022/08/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3213507 BI-BIP-ADM [CVE-2022-31596] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) 5.2 Medium 2022-08 2022/08/09 Program error BI/BO platform ENTERPRISE 430
3038911 BI-BIP-ADM [CVE-2023-31404] Information Disclosure in SAP BusinessObjects Business Intelligence Platform (Central Management Service) 5.0 Medium 2023-05 2023/05/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3266006 BI-RA-CR [CVE-2023-0018] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console) 5.4 Medium 2023-01 2023/01/10 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3213524 BI-BIP-CMC [CVE-2022-32244] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Commentary DB) 5.2 Medium 2022-08 2022/08/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3307833 BI-BIP-SRV [CVE-2023-28762] Information Disclosure in SAP BusinessObjects Business Intelligence Platform (Central Management Console) 9.1 Hot News 2023-05 2023/05/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3262810 BI-RA-AWB [CVE-2023-0022] Code Injection vulnerability in SAP BusinessObjects Business Intelligence platform (Analysis edition for OLAP) 9.9 Hot News 2023-01 2023/01/10 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3217303 BI-BIP-SRV [CVE-2022-39014] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (CMC) 7.7 High 2022-09 2022/09/13 Program error BI/BO platform ENTERPRISE 430
3263863 BI-RA-WBI-FE [CVE-2023-23856] Cross-Site Scripting (XSS) vulnerability in Web Intelligence Interface 4.3 Medium 2023-02 2023/02/14 Program error BI/BO platform ENTERPRISE 430
3263135 BI-BIP-INV [CVE-2023-0020] Information disclosure vulnerability in SAP BusinessObjects Business Intelligence platform 8.5 High 2023-02 2023/02/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2830578 BI-BIP-INV [CVE-2019-0395] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad) 5.4 Medium 2019-12 2019/12/10 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3319400 BI-BIP-INV [CVE-2023-31406] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform 6.1 Medium 2023-05 2023/05/09 Program error BI/BO platform ENTERPRISE 430
2863731 BI-RA-CRV [CVE-2020-6219] Deserialization of Untrusted Data in SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer) 9.1 Hot News 2020-04 2020/04/14 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430 CRYSTAL REPORTS FOR VS 2010
2863396 BI-BIP-SRV [CVE-2020-6227] Remote unauthenticated log injection in SAP Business Objects Business Intelligence Platform (CMS / Auditing issues) 5.3 Medium 2020-04 2020/04/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2876059 BI-BIP-INV [CVE-2020-6216] Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform (BILaunchpad/ Opendocument) 6.1 Medium 2020-04 2020/04/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2898077 BI-DEV-WEB [CVE-2020-6237] Information Disclosure in SAP Business Objects Business Intelligence Platform (dswsbobje Web Application) 7.5 High 2020-04 2020/04/14 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
3256787 BI-BIP-CMC [CVE-2023-24530] Unrestricted Upload of File in SAP BusinessObjects Business Intelligence Platform (CMC) 8.4 High 2023-02 2023/02/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3245526 BI-BIP-CMC [CVE-2023-25616] Code Injection vulnerability in SAP Business Objects Business Intelligence Platform (CMC) 9.9 Hot News 2023-03 2023/03/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3283438 BI-BIP-SRV [CVE-2023-25617] OS Command Execution vulnerability in SAP Business Objects Business Intelligence Platform (Adaptive Job Server) 9.0 Hot News 2023-03 2023/03/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2905836 BI-DEV-WEB [CVE-2020-6269] Information Disclosure in SAP Business Objects Business Intelligence Platform 4.3 Medium 2020-06 2020/06/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2849967 BI-BIP-AUT [CVE-2020-6276] Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform(Bipodata) 6.1 Medium 2020-07 2020/07/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2912708 BI-BIP-INV [CVE-2020-6278] Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC) 5.4 Medium 2020-07 2020/07/14 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
3287120 BI-BIP-INV [Multiple CVEs] Multiple vulnerabilities in the SAP BusinessObjects Business Intelligence platform 6.5 Medium 2023-03 2023/03/14 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3320702 BI-BIP-SRV [CVE-2023-36917] Password Change rate limit bypass in SAP BusinessObjects Business Intelligence Platform 5.9 Medium 2023-07 2023/07/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2927956 BI-RA-CR [CVE-2020-6294] Missing Authentication check in SAP BusinessObjects Business Intelligence Platform 8.5 High 2020-08 2020/08/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3298961 BI-BIP-LCM [CVE-2023-28765] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management ) 9.8 Hot News 2023-04 2023/04/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2921615 BI-BIP-SRV BI Platform stores SAP BW Authentication Password as clear text 5.5 Medium 2020-08 2020/08/11 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
2925827 BI-BIP-CMC [CVE-2020-6300] Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform(Central Management Console) 4.8 Medium 2020-08 2020/08/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3414195 BI-BIP-CMC [CVE-2023-50164] Path Traversal Vulnerability in SAP BusinessObjects Business Intelligence Platform (Central Management Console) 7.2 High 2024-03 2024/03/12 Program error BI/BO platform ENTERPRISE 430
3433545 BI-BIP-INV [CVE-2024-42375] Multiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence Platform 4.3 Medium 2024-08 2024/08/13 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430 ENTERPRISE 440
3312586 BI-RA-WBI [CVE-2023-39440] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform 4.4 Medium 2023-08 2023/08/08 Program error BI/BO platform ENTERPRISE 430
3421384 BI-RA-WBI [CVE-2024-25646] Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence 7.7 High 2024-04 2024/04/09 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430 ENTERPRISE 440
3317710 BI-BIP-INS [CVE-2023-37490] Binary hijack in SAP BusinessObjects Business Intelligence Suite (installer) 7.6 High 2023-08 2023/08/08 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3352453 BI-BIP-LCM [CVE-2023-37489] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Version Management System) 5.3 Medium 2023-09 2023/09/12 Program error BI/BO platform ENTERPRISE 430
3449093 BI-BIP-INV [CVE-2024-33004] Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices) 4.3 Medium 2024-05 2024/05/14 Program error BI/BO platform ENTERPRISE 430 ENTERPRISE 440
3431794 BI-BIP-INV [CVE-2024-28165] Cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform 8.1 High 2024-05 2024/05/14 Program error BI/BO platform ENTERPRISE 430 ENTERPRISE 440
3317702 BI-BIP-INS [CVE-2023-40623] Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer) 6.2 Medium 2023-09 2023/09/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430 ENTERPRISECLIENTTOOLS 420 ENTERPRISECLIENTTOOLS 430
3441817 BI-BIP-PUB [CVE-2024-34684] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Scheduling) 3.7 Low 2024-06 2024/06/11 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430 ENTERPRISE 440
3320355 BI-BIP-LCM [CVE-2023-40622] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management) 9.9 Hot News 2023-09 2023/09/12 Program error SAP BI ENTERPRISE 420 ENTERPRISE 430
3382353 BI-BIP-ADM [CVE-2023-42478] Cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform 7.5 High 2023-12 2023/12/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3479478 BI-BIP-INV [CVE-2024-41730] Missing Authentication check in SAP BusinessObjects Business Intelligence Platform 9.8 Hot News 2024-10 2024/08/13 Program error BI/BO platform ENTERPRISE 2025 ENTERPRISE 420 ENTERPRISE 430
2935791 BI-BIP-CMC [CVE-2021-21444] Clickjacking vulnerability in SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad) 5.4 Medium 2021-02 2021/02/09 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
3478615 BI-RA-WBI-BE [CVE-2024-37179] Insecure File Operations vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 7.7 High 2024-10 2024/10/08 Program error BI/BO platform ENTERPRISE 2025 ENTERPRISE 420 ENTERPRISE 430 ENTERPRISECLIENTTOOLS 2025 ENTERPRISECLIENTTOOLS 420 ENTERPRISECLIENTTOOLS 430
3044751 BI-RA-WBI-FE-HTM [CVE-2021-33667] Information Disclosure in SAP Business Objects Web Intelligence (BI Launchpad) 4.3 Medium 2021-07 2021/07/13 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2911863 BI-BIP-CMC Information Disclosure in BOE/CMC application 5.3 Medium 2021-04 2021/04/13 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3098917 BI-RA-AWB [CVE-2021-40497] Information Disclosure in SAP BusinessObjects Analysis (edition for OLAP) 4.3 Medium 2021-10 2021/10/12 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
2943844 BI-DEV-JAV [CVE-2020-6308] Server-Side Request Forgery vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Services) 5.3 Medium 2020-10 2020/10/13 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430
2861301 BI-RA-CR [CVE-2020-6208] Remote Code Execution in SAP Business Objects Business Intelligence Platform (Crystal Reports) 8.2 High 2020-03 2020/03/10 Program error BI/BO platform ENTERPRISE 410 ENTERPRISE 420 ENTERPRISE 430 CRYSTAL REPORTS FOR VS 2010
3062085 BI-RA-CR-VW [CVE-2021-33696] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Crystal Report) 5.4 Medium 2021-08 2021/08/10 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3063048 BI-BIP-INV [CVE-2021-33697] Reverse Tabnabbing in SAP BusinessObjects Business Intelligence Platform (SAP UI5) 4.7 Medium 2021-08 2021/08/10 Program error BI/BO platform ENTERPRISE 420 ENTERPRISE 430
3074693 BI-RA-CR-DB [CVE-2021-40500] Missing XML Validation in SAP BusinessObjects Business Intelligence Platform (Crystal Reports) 6.9 Medium 2021-10 2021/10/12 Program error BI/BO platform CRYSTAL REPORTS 42 CRYSTAL REPORTS 43 ENTERPRISE 420 ENTERPRISE 430
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge
Platform
Product

© Copyright 2024 by SecurityBridge GmbH

v35.0