Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-2075

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-2075
Last Modified 16 Mar 2015 10:02:07
Published 27 Feb 2015 10:59:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-2075

Summary

SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.

Vulnerable Systems

Application

  • Sap Businessobjects Edge 4.0


References

BID - 72778

BUGTRAQ - 20150225 [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA

MISC - http://packetstormsecurity.com/files/130522/SAP-Business-Objects-Unauthorized-Audit-Information-Delete.html


Last Updated: 27 May 2016 11:07:57