CVE-2019-0352
N/A
N/A
Summary
In SAP Business Objects Business Intelligence Platform, before versions 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP BusinessObjects Business Intelligence Platform (CMC) | < 4.1 | affected |
| SAP SE | SAP BusinessObjects Business Intelligence Platform (CMC) | < 4.2 | affected |
| SAP SE | SAP BusinessObjects Business Intelligence Platform (CMC) | < 4.3 | affected |
Weaknesses
- Other
ADP Enrichment
CVE Program Container
Additional References
- https://launchpad.support.sap.com/#/notes/2735924
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506
References
- https://launchpad.support.sap.com/#/notes/2735924
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.