CVE-2019-0352

Summary

In SAP Business Objects Business Intelligence Platform, before versions 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Business Intelligence Platform (CMC)< 4.1affected
SAP SESAP BusinessObjects Business Intelligence Platform (CMC)< 4.2affected
SAP SESAP BusinessObjects Business Intelligence Platform (CMC)< 4.3affected

Weaknesses

  • Other

ADP Enrichment

CVE Program Container

Additional References

References