Vulnerability Description
The Auditing service in SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Businessobjects Edge | 4.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/130523/SAP-Business-Objects-Unauthorized-Au
- http://seclists.org/fulldisclosure/2015/Feb/94
- http://www.securityfocus.com/archive/1/534750/100/0/threaded
- http://www.securityfocus.com/bid/72775
- http://packetstormsecurity.com/files/130523/SAP-Business-Objects-Unauthorized-Au
- http://seclists.org/fulldisclosure/2015/Feb/94
- http://www.securityfocus.com/archive/1/534750/100/0/threaded
- http://www.securityfocus.com/bid/72775
FAQ
What is CVE-2015-2076?
CVE-2015-2076 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Auditing service in SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
How severe is CVE-2015-2076?
CVE-2015-2076 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2076?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Businessobjects Edge.