Remote Denial of Service Vulnerability in SAP BusinessObjects Products
CVE-2015-7730

Currently unrated

Key Information:

Vendor: SAP
Status: Businessobjects Xi; Businessobjects Edge; Businessobjects
Vendor: CVE Published:; 15 October 2015

Summary

The SAP BusinessObjects BI Platform, BusinessObjects Edge, and BusinessObjects XI are vulnerable to denial of service attacks due to an out-of-bounds read condition caused by crafted GIOP packets. Attackers exploiting this vulnerability can trigger a listener crash, leading to disrupted service and potential loss of availability within the affected systems. It is crucial for organizations using these products to implement the recommended security patches and follow SAP's security notifications to mitigate the risk.

References

https://www.onapsis.com/research/security-advisories/SAP-...

x_refsource_MISC

https://www.onapsis.com/blog/analyzing-sap-security-notes...

x_refsource_MISC

http://www.securitytracker.com/id/1033637

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 15, 2015
Vulnerability Reserved
Oct 6, 2015