File Repository Server Vulnerability in SAP BusinessObjects Edge 4.0
CVE-2015-2073

7.5HIGH

Key Information:

Vendor

SAP
Status
Businessobjects Edge
Vendor
CVE Published:
9 August 2021

What is CVE-2015-2073?

The File Repository Server (FRS) in SAP BusinessObjects Edge 4.0 is susceptible to a vulnerability that enables remote attackers to gain unauthorized access to read arbitrary files from the server. This is executed by supplying a full pathname, allowing potential exposure of sensitive information. For detailed insights, refer to SAP Note 2018682 and associated resources.

References

http://packetstormsecurity.com/files/130520/SAP-Business-...
x_refsource_MISC
http://www.securityfocus.com/archive/1/archive/1/534748/1...
x_refsource_MISC
http://seclists.org/fulldisclosure/2015/Feb/92
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.