Known Vulnerabilities for Microstrategy Web by Microstrategy
Listed below are 10 of the newest known vulnerabilities associated with "Microstrategy Web" by "Microstrategy".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-24815 json | A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 befor... | Not Provided | 2020-11-24 | 2026-07-09 |
| CVE-2020-22987 json | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers ... | Not Provided | 2022-05-12 | 2026-07-09 |
| CVE-2020-22986 json | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers ... | Not Provided | 2022-05-12 | 2026-07-09 |
| CVE-2020-22985 json | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers ... | Not Provided | 2022-05-12 | 2026-07-09 |
| CVE-2020-22984 json | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers ... | Not Provided | 2022-05-12 | 2026-07-09 |
| CVE-2020-22983 json | A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenti... | Not Provided | 2022-05-13 | 2026-07-09 |
| CVE-2020-11454 json | Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for... | 5.4 - MEDIUM | 2020-04-02 | 2020-04-03 |
| CVE-2020-11453 json | ** DISPUTED ** Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality expo... | 5.3 - MEDIUM | 2020-04-02 | 2023-11-07 |
| CVE-2020-11452 json | Microstrategy Web 10.4 includes functionality to allow users to import files or data from external resources such as URLs or ... | 4.3 - MEDIUM | 2020-04-02 | 2020-04-03 |
| CVE-2020-11451 json | The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive con... | 7.2 - HIGH | 2020-04-02 | 2020-06-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microstrategy | Microstrategy Web | 7 | |||
| Application | Microstrategy | Microstrategy Web | 10.4.6 | |||
| Application | Microstrategy | Microstrategy Web | 10.4 | |||
| Application | Microstrategy | Microstrategy Web | 10.1 |