CVE-2018-2427

Sažetak

SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.

Reference

http://www.securityfocus.com/bid/104715
https://launchpad.support.sap.com/#/notes/2620738
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

06-09-2018 - 13:04

Objavljeno

10-07-2018 - 18:29