本ページは sap businessobjects_edge に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2015-2074 | The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681. | [email protected] | 7.5 | 3.50% | 2021-08-09 | 2024-11-21 |
| CVE-2015-2073 | The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682. | [email protected] | 7.5 | 3.96% | 2021-08-09 | 2024-11-21 |
| CVE-2014-9320 | SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905. | [email protected] | 9.8 | 4.25% | 2021-08-09 | 2024-11-21 |
| CVE-2015-7730 | SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108. | [email protected] | 10.0 | 3.63% | 2015-10-15 | 2026-05-06 |
| CVE-2015-2076 | The Auditing service in SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information by reading an audit event, aka SAP Note 2011395. | [email protected] | 5.0 | 2.33% | 2015-02-27 | 2026-05-06 |
| CVE-2015-2075 | SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396. | [email protected] | 5.0 | 2.84% | 2015-02-27 | 2026-05-06 |