CVE-2019-0398

Summary

Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions 4.1, 4.2 and 4.3, may lead to an authenticated user to send unintended request to the web server, leading to Cross Site Request Forgery.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Business Intelligence Platform (Monitoring Application)before 4.1affected
SAP SESAP BusinessObjects Business Intelligence Platform (Monitoring Application)before 4.2affected
SAP SESAP BusinessObjects Business Intelligence Platform (Monitoring Application)before 4.3affected

Weaknesses

  • Cross Site Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References