CVE-2019-0352
CVE-2019-0352
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
10 Sep 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In SAP Business Objects Business Intelligence Platform, before versions 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout.
Affected products
SAP SE · SAP BusinessObjects Business Intelligence Platform (CMC)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →