PT-2018-15589 · Sap · Web Intelligence Richclient+1

Published

2018-11-13

Updated

2020-08-24

CVE-2018-2473

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence Platform Server versions 4.1 and 4.2

Description The issue allows an attacker to prevent legitimate users from accessing a service by either crashing or flooding it, specifically when Web Intelligence Richclient 3 tiers mode gateway is used.

Recommendations For versions 4.1 and 4.2, consider restricting access to the Web Intelligence Richclient 3 tiers mode gateway to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-2473

Affected Products

Sap Businessobjects Business Intelligence Platform

Web Intelligence Richclient

PT-2018-15589 · Sap · Web Intelligence Richclient+1

CVE-2018-2473

Related Identifiers

Affected Products

References · 5