XML Validation Flaw in SAP BusinessObjects Business Intelligence Platform
CVE-2019-0268
Key Information:
- Vendor
- SAP
- Vendor
- CVE Published:
- 12 March 2019
Summary
An XML validation vulnerability exists in the SAP BusinessObjects Business Intelligence Platform's CMC Module, particularly in versions 4.10, 4.20, and 4.30. This flaw enables attackers to submit potentially malicious XML documents from untrusted sources, which the system fails to validate adequately. Such vulnerabilities can lead to security risks, including unauthorized access to confidential data or disruption of service. It's crucial for users of these affected versions to implement necessary security measures to mitigate this risk.
Affected Version(s)
SAP BusinessObjects Business Intelligence Platform (CMC Module) < 4.1 < 4.1
SAP BusinessObjects Business Intelligence Platform (CMC Module) < 4.2 < 4.2
SAP BusinessObjects Business Intelligence Platform (CMC Module) < 4.3 < 4.3
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved