PT-2014-8459 · Sap · Sap Businessobjects Edge

Published

2014-10-16

Updated

2018-10-09

CVE-2014-8310

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects BI Edge version 4.0

Description The issue allows remote attackers to cause a denial of service, resulting in a server shutdown, by sending crafted OSCAFactory::Session ORB messages to the CMS CORBA listener.

Recommendations For SAP BusinessObjects BI Edge version 4.0, consider restricting access to the CMS CORBA listener to minimize the risk of exploitation until a patch is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2014-8310

Affected Products

Sap Businessobjects Edge

PT-2014-8459 · Sap · Sap Businessobjects Edge

CVE-2014-8310

Weakness Enumeration

Related Identifiers

Affected Products

References · 9