SAPBusinessObjects Information Disclosure Vulnerability

Summary

Under certain conditions SAP BusinessObjects Business Intelligence platform (Central Management Server), versions 4.2 and 4.3, allows an attacker to access information which would otherwise be restricted.

Credit:

The information has been provided by SAP.
The original article can be found at: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032


Details

SAP Businessobjects is prone to a gain information vulnerability.This allows local or remote attackers to gain privileges via a malicious program in the affected application

Vulnerable Systems:

  • SAP Businessobjects 4.2
  • SAP Businessobjects 4.3

CVE Information:
CVE-2019-0287

Disclosure Timeline:
Publish Date:05/14/2019