CVE-2010-3980

Exploit

EPSS 0.41%
Published 18.10.2010 17:00:04
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI.

Affected products Warnungen 0 Metrics 2 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

SAP ≫ Businessobjects Version3.2 Editionenterprise_xi

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.41%	0.584

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:N/A:P

http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2010-3980

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3980

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3980

EUVD