CVE-2014-9387

CWE-2643 documents3 sources
Severity
10.0CRITICAL
EPSS
5.8%
top 9.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Businessobjects
Timeline
PublishedDec 17
Latest updateMay 14

Description

SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-fr44-v39f-hp6h: SAP BusinessObjects Edge 42022-05-14
CVEList
CVE-2014-9387: SAP BusinessObjects Edge 42014-12-17
CVE-2014-9387 (CRITICAL CVSS 10) | SAP BusinessObjects Edge 4.1 allows | cvebase.io