CVE-2019-0398
N/A
N/A
Summary
Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions 4.1, 4.2 and 4.3, may lead to an authenticated user to send unintended request to the web server, leading to Cross Site Request Forgery.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP BusinessObjects Business Intelligence Platform (Monitoring Application) | before 4.1 | affected |
| SAP SE | SAP BusinessObjects Business Intelligence Platform (Monitoring Application) | before 4.2 | affected |
| SAP SE | SAP BusinessObjects Business Intelligence Platform (Monitoring Application) | before 4.3 | affected |
Weaknesses
- Cross Site Request Forgery
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533660397
- https://launchpad.support.sap.com/#/notes/2701027
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533660397
- https://launchpad.support.sap.com/#/notes/2701027
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.