Deserialization Vulnerability in SAP Business Objects Business Intelligence Platform
CVE-2020-6219
9.1CRITICAL
Key Information:
- Vendor
SAP
- Status
- Vendor
- CVE Published:
- 14 April 2020
What is CVE-2020-6219?
SAP Business Objects Business Intelligence Platform's CrystalReports WebForm Viewer suffers from a vulnerability that allows an attacker with basic authorization to exploit a deserialization flaw. This attack can lead to service interruptions, denial of service, and the unauthorized execution of arbitrary commands. It's essential to ensure that applications are protected against such threats to maintain their reliability and security.
Affected Version(s)
Crystal Reports for VS < 2010
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer) < 4.1 < 4.1
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer) < 4.2 < 4.2