Vulnerabilities > SAP > Businessobjects Edge

DATE CVE VULNERABILITY TITLE RISK
2021-08-09 CVE-2014-9320 Improper Authentication vulnerability in SAP Businessobjects Edge 4.1
SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905.
network
low complexity
sap CWE-287
critical
9.8
2021-08-09 CVE-2015-2073 Path Traversal vulnerability in SAP Businessobjects Edge 4.0
The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682.
network
low complexity
sap CWE-22
7.5
2021-08-09 CVE-2015-2074 Path Traversal vulnerability in SAP Businessobjects Edge 4.0
The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681.
network
low complexity
sap CWE-22
7.5