Unauthenticated Information Disclosure in SAP BusinessObjects Business Intelligence

Unauthenticated Information Disclosure in SAP BusinessObjects Business Intelligence

CVE-2018-2446 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.

Learn more about our Cis Benchmark Audit For Server Software.