CVE-2010-3980
3 documents3 sources
Severity
4.0MEDIUM
EPSS
0.4%
top 38.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 18
Latest updateMay 17
Description
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9