CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-33679

The SAP BusinessObjects BI Platform version - 420 allows an attacker, who has basic access to the application, to inject a malicious script while creating a new module document, file, or folder. When another user visits that page, the stored malicious script will execute in their session, hence allowing the attacker to compromise their confidentiality and integrity.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.8%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://launchpad.support.sap.com/#/notes/3055180
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405
https://launchpad.support.sap.com/#/notes/3055180
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405

Products affected by CVE-2021-33679

Sap » Businessobjects Business Intelligence Platform » Version: 420

cpe:2.3:a:sap:businessobjects_business_intelligence_platform:420

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-33679

Products

Pricing

Contact Us