CVE-2018-2442
published 2018-08-14CVE-2018-2442: In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | businessobjects_business_intelligence | — | — |
| sap | businessobjects_business_intelligence | — | — |
| sap | businessobjects_business_intelligence | — | — |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap | sap_businessobjects_business_intelligence | — | — |
| sap | sap_businessobjects_business_intelligence | — | — |
| sap | sap_businessobjects_business_intelligence | — | — |