Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
SAP Business Objects 代码问题漏洞
Vulnerability Description
SAP Business Objects是德国思爱普(SAP)公司的一个商业智能套件。 SAP Business Objects Platform 420和430版本存在安全漏洞,该漏洞源于其允许具有普通BI用户权限的攻击者在操作系统级别上上传/替换Business Objects服务器上的任何文件,使攻击者能够完全控制系统,从而对应用程序的机密性、完整性和可用性造成严重影响。
CVSS Information
N/A
Vulnerability Type
N/A