CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-16684

SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 82.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/102147
https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
https://launchpad.support.sap.com/#/notes/2537152
http://www.securityfocus.com/bid/102147
https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
https://launchpad.support.sap.com/#/notes/2537152

Products affected by CVE-2017-16684

Sap » Business Intelligence Promotion Management Application » Version: 4.10

cpe:2.3:a:sap:business_intelligence_promotion_management_application:4.10
Sap » Business Intelligence Promotion Management Application » Version: 4.20

cpe:2.3:a:sap:business_intelligence_promotion_management_application:4.20
Sap » Business Intelligence Promotion Management Application » Version: 4.30

cpe:2.3:a:sap:business_intelligence_promotion_management_application:4.30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16684

Products

Pricing

Contact Us