CVE-2019-0259

Summary

SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Business Intelligence Platform Servers (Enterprise)< 4.2affected
SAP SESAP BusinessObjects Business Intelligence Platform Servers (Enterprise)< 4.3affected

Weaknesses

  • Unrestricted File Upload

ADP Enrichment

CVE Program Container

Additional References

References