SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/104715 | Third Party Advisory VDB Entry |
https://launchpad.support.sap.com/#/notes/2620738 | Permissions Required |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2018-07-10T18:00:00
Updated: 2018-07-12T09:57:01
Reserved: 2017-12-15T00:00:00
Link: CVE-2018-2427
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-07-10T18:29:00.767
Modified: 2018-09-06T13:04:43.207
Link: CVE-2018-2427
JSON object: View
Redhat Information
No data.
CWE