Vulnerabilities > SAP > Businessobjects Business Intelligence Platform > 430

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-12	CVE-2022-27667	Information Exposure vulnerability in SAP Businessobjects Business Intelligence Platform 430 Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure. network sap CWE-200	4.3
2022-04-12	CVE-2022-27671	Information Exposure Through Sent Data vulnerability in SAP Businessobjects Business Intelligence Platform 420/430 A CSRF token visible in the URL may possibly lead to information disclosure vulnerability. network sap CWE-201	4.3
2022-04-12	CVE-2022-28213	Missing XML Validation vulnerability in SAP Businessobjects Business Intelligence Platform 420/430 When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS. network low complexity sap CWE-112	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.