BID:105903

SAP BusinessObjects Business Intelligence Platform CVE-2018-2473 Denial of Service Vulnerability

CVE-2018-2473 |

Info

SAP BusinessObjects Business Intelligence Platform CVE-2018-2473 Denial of Service Vulnerability

Bugtraq ID:	105903
Class:	Design Error
CVE:	CVE-2018-2473
Remote:	Yes
Local:	No
Published:	Nov 13 2018 12:00AM
Updated:	Nov 13 2018 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	SAP BusinessObjects BI Platform 4.2 SAP BusinessObjects BI Platform 4.1

Not Vulnerable:

Discussion

SAP BusinessObjects Business Intelligence Platform CVE-2018-2473 Denial of Service Vulnerability

SAP BusinessObjects Business Intelligence Platform is prone to a denial-of-service vulnerability.

Successful exploits may allow an attacker to cause denial-of-service conditions.

SAP BusinessObjects Business Intelligence platform 4.1 and 4.2 are vulnerable.

Exploit / POC

SAP BusinessObjects Business Intelligence Platform CVE-2018-2473 Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

SAP BusinessObjects Business Intelligence Platform CVE-2018-2473 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

SAP BusinessObjects Business Intelligence Platform CVE-2018-2473 Denial of Service Vulnerability

References:

SAP Homepage (SAP)
SAP Security Note 2657670 (SAP)
SAP Security Patch Day �?? November 2018 (SAP)