PT-2014-8979 · Sap · Sap Businessobjects Edge

Published

2014-12-17

Updated

2018-10-09

CVE-2014-9387

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Edge version 4.1

Description The issue allows remote attackers to obtain the SI PLATFORM SEARCH SERVER LOGON TOKEN token and gain privileges via a crafted CORBA call.

Recommendations For SAP BusinessObjects Edge version 4.1, apply the fix as described in SAP Note 2039905 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-9387

Affected Products

Sap Businessobjects Edge

PT-2014-8979 · Sap · Sap Businessobjects Edge

CVE-2014-9387

Weakness Enumeration

Related Identifiers

Affected Products

References · 4