SAP Business Objects Enterprise Remote Code Injection Vulnerability
BID:104439
Info
SAP Business Objects Enterprise Remote Code Injection Vulnerability
| Bugtraq ID: | 104439 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 12 2018 12:00AM |
| Updated: | Jun 12 2018 12:00AM |
| Credit: | Aniway Anyway |
| Vulnerable: |
SAP Business Objects 4.1 SAP Business Objects 4.0 |
| Not Vulnerable: | |
Discussion
SAP Business Objects Enterprise Remote Code Injection Vulnerability
SAP Business Objects Enterprise is prone to a remote code-execution vulnerability.
Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application.
SAP Business Objects Enterprise versions 4.0 and 4.1 are vulnerable.
SAP Business Objects Enterprise is prone to a remote code-execution vulnerability.
Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application.
SAP Business Objects Enterprise versions 4.0 and 4.1 are vulnerable.
Exploit / POC
SAP Business Objects Enterprise Remote Code Injection Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
SAP Business Objects Enterprise Remote Code Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
SAP Business Objects Enterprise Remote Code Injection Vulnerability
References:
References:
- SAP Homepage (SAP)
- SAP Security Note 1999142 (SAP)
- Analyzing SAP Security Notes August 2014 Edition (onapsis.com)
- SAP Security Patch Day �?? June 2018 (SAP)