CRITICAL🇵🇱 Wersja polska

CVE-2018-2445

CVSS 9.6v3.0pub. 2018-08-14upd. 2024-11-21

AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
  • Sap Businessobjects Business Intelligence

    APP
    Sap
    4.14.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SSRF
CWE
References

Related vulnerabilities

CVE-2023-40622CRITICAL9.9ten sam produkt

SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain c...

CVE-2023-28762CRITICAL9.1ten sam produkt

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker with ...

CVE-2023-28765CRITICAL9.8ten sam produkt

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management)...

CVE-2025-23192HIGH8.2ten sam produkt

SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store...

CVE-2024-37179HIGH7.7ten sam produkt

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted re...