CVE-2014-9320
- EPSS 9.49%
- Published 09.08.2021 19:15:07
- Last modified 21.11.2024 02:20:36
SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905.
CVE-2015-2073
- EPSS 2.34%
- Published 09.08.2021 19:15:07
- Last modified 21.11.2024 02:26:42
The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682.
CVE-2015-2074
- EPSS 2.14%
- Published 09.08.2021 19:15:07
- Last modified 21.11.2024 02:26:42
The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681.
- EPSS 1.88%
- Published 15.10.2015 20:59:08
- Last modified 12.04.2025 10:46:40
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
- EPSS 0.39%
- Published 27.02.2015 15:59:03
- Last modified 12.04.2025 10:46:40
The Auditing service in SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
- EPSS 1.19%
- Published 27.02.2015 15:59:02
- Last modified 12.04.2025 10:46:40
SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.