CVE-2019-0398
Description
Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions 4.1, 4.2 and 4.3, may lead to an authenticated user to send unintended request to the web server, leading to Cross Site Request Forgery.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.168
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in SAP Business Objects Business Intelligence Platform 4.1 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Objects Business Intelligence Platform 4.2 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Objects Business Intelligence Platform 4.3 | Windows |
| Multiple Vulnerabilities are affected in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 4.1 | Windows |
| Multiple Vulnerabilities are affected in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 4.2 | Windows |
| Multiple Vulnerabilities are affected in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 4.3 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234