漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
SAP BusinessObjects Central Management Console 跨站请求伪造漏洞
Vulnerability Description
SAP BusinessObjects Central Management Console是德国思爱普(SAP)公司的一个基于 Web 的工具,可用于执行大多数日常管理任务,包括用户管理、内容管理和服务器管理。 SAP BusinessObjects Central Management Console 存在跨站请求伪造漏洞,该漏洞源于允许未经身份验证的攻击者通过网络检索本来受到限制的令牌信息。这只有在合法用户访问应用程序并发生本地泄露时才能实现,如嗅探或社会工程。一旦成功利用,攻击者可以完全破坏应用程
CVSS Information
N/A
Vulnerability Type
N/A