Search criteria
2 vulnerabilities found for SAP BusinessObjects Analysis, (edition for OLAP) by SAP SE
CVE-2021-40497 (GCVE-0-2021-40497)
Vulnerability from cvelistv5 – Published: 2021-10-12 14:03 – Updated: 2024-08-04 02:44
VLAI?
Summary
SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP BusinessObjects Analysis, (edition for OLAP) |
Affected:
< 420
Affected: < 430 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:44:10.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3098917"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP BusinessObjects Analysis, (edition for OLAP)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 420"
},
{
"status": "affected",
"version": "\u003c 430"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-12T14:03:26",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3098917"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-40497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP BusinessObjects Analysis, (edition for OLAP)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "420"
},
{
"version_name": "\u003c",
"version_value": "430"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3098917",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3098917"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-40497",
"datePublished": "2021-10-12T14:03:26",
"dateReserved": "2021-09-03T00:00:00",
"dateUpdated": "2024-08-04T02:44:10.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40497 (GCVE-0-2021-40497)
Vulnerability from nvd – Published: 2021-10-12 14:03 – Updated: 2024-08-04 02:44
VLAI?
Summary
SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP BusinessObjects Analysis, (edition for OLAP) |
Affected:
< 420
Affected: < 430 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:44:10.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3098917"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP BusinessObjects Analysis, (edition for OLAP)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 420"
},
{
"status": "affected",
"version": "\u003c 430"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-12T14:03:26",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3098917"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-40497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP BusinessObjects Analysis, (edition for OLAP)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "420"
},
{
"version_name": "\u003c",
"version_value": "430"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3098917",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3098917"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-40497",
"datePublished": "2021-10-12T14:03:26",
"dateReserved": "2021-09-03T00:00:00",
"dateUpdated": "2024-08-04T02:44:10.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}