CVE-2019-0331

Description

Under certain conditions, SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, allows an attacker to access sensitive data such as directory structure, leading to Information Disclosure.

Affected products

• SAP_SE / SAP BusinessObjects Business Intelligence Platform (BI Workspace)< 4.1 – < 4.1
• SAP_SE / SAP BusinessObjects Business Intelligence Platform (BI Workspace)< 4.2 – < 4.2
• SAP_SE / SAP BusinessObjects Business Intelligence Platform (BI Workspace)< 4.3 – < 4.3

References

• MISChttps://launchpad.support.sap.com/#/notes/2742468
• MISChttps://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017