← volver
CVE-2019-0396

CVE-2019-0396

EPSS 0.9%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
13 nov 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will not be correctly filtered by Web Intelligence HTML interface in some specific workflows.
Productos afectados
SAP SE · SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://launchpad.support.sap.com/#/notes/2814007https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390