Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OS Command Execution vulnerability in SAP Business Objects Business Intelligence Platform (Adaptive Job Server)
Vulnerability Description
SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the public java SDK. Programs could impact the confidentiality, integrity and availability of the system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
SAP Business Objects 操作系统命令注入漏洞
Vulnerability Description
SAP Business Objects是德国思爱普(SAP)公司的一个商业智能套件。 SAP Business Objects 420版本和430版本存在操作系统命令注入漏洞,该漏洞源于允许在启用程序对象执行时在Unix上远程执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A