CVE-2019-0352

In SAP Business Objects Business Intelligence Platform, before versions 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.30:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-09-10 17:15

Updated : 2024-02-04 20:20


NVD link : CVE-2019-0352

Mitre link : CVE-2019-0352

CVE.ORG link : CVE-2019-0352


JSON object : View

Products Affected

sap

  • businessobjects_business_intelligence_platform
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor