Vulnerabilities > SAP > Businessobjects Business Intelligence Platform > 2.0

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-12	CVE-2020-6242	Missing Authentication for Critical Function vulnerability in SAP Businessobjects Business Intelligence Platform SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an attacker to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificate, leading to Missing Authentication Check. network low complexity sap CWE-306 critical	9.8
2019-12-11	CVE-2019-0395	Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence Platform SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad), before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability. network sap CWE-79	3.5
2019-11-13	CVE-2019-0382	Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence Platform A Cross-Site Scripting vulnerability exists in SAP BusinessObjects Business Intelligence Platform (Web Intelligence-Publication related pages); corrected in version 4.2. network sap CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.