Sap · Sap Bo · CVE-2018-11247
**Name of the Vulnerable Software and Affected Versions**
Nasdaq BWise version 5.0
**Description**
The issue concerns the JMX/RMI interface, which does not require authentication for an SAP BO Component. This allows remote attackers to execute arbitrary code via a session on port 81.
**Recommendations**
For Nasdaq BWise version 5.0, consider implementing authentication for the JMX/RMI interface to prevent unauthorized access. As a temporary workaround, restrict access to port 81 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.