The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/153471/SAP-Crystal-Reports-Information-Disclosure.html | |
https://launchpad.support.sap.com/#/notes/2687663 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2019-04-10T20:26:59
Updated: 2019-07-01T17:06:09
Reserved: 2018-11-26T00:00:00
Link: CVE-2019-0285
JSON object: View
NVD Information
Status : Modified
Published: 2019-04-10T21:29:01.417
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-0285
JSON object: View
Redhat Information
No data.
CWE