漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
In some workflow of SAP BusinessObjects BI Platform (Central Management Console and BI LaunchPad), an authenticated attacker with low privileges can intercept a serialized object in the parameters and substitute with another malicious serialized object, which leads to deserialization of untrusted data vulnerability. This could highly compromise the Confidentiality, Integrity, and Availability of the system.
CVSS Information
N/A
Vulnerability Type
可信数据的反序列化
Vulnerability Title
SAP BusinessObjects BI Platform 代码问题漏洞
Vulnerability Description
SAP BusinessObjects BI Platform是德国思爱普(SAP)公司的用于数据报告、可视化和共享的集中套件。 SAP BusinessObjects BI Platform (Central Management Console and BI LaunchPad)存在代码问题漏洞,该漏洞源于其某些工作流中,经过身份验证的低权限攻击者可以在参数中拦截一个序列化对象并替换为另一个恶意序列化对象实现不可信数据反序列化。这可能会严重损害系统的机密性、完整性和可用性。
CVSS Information
N/A
Vulnerability Type
N/A