CVE-2019-0333

Summary

In some situations, when a client cancels a query in SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.2, 4.3, the attacker can then query and receive the whole data set instead of just what is part of their authorized security profile, resulting in Information Disclosure.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Business Intelligence Platform (Web Intelligence)< 4.2affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References