CVE-2019-0303 - Vulnerability Details - OpenCVE

SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an attacker to build a special url that execute custom JavaScript code when the url is accessed.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00231.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Businessobjects

Configuration 1 [-]

OR	cpe:2.3:a:sap:businessobjects:4.2:::::::*
	cpe:2.3:a:sap:businessobjects:4.3:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2019-1076	SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an attacker to build a special url that execute custom JavaScript code when the url is accessed.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://launchpad.support.sap.com/#/notes/2637997
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242

History

No history.

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2019-06-14T18:50:18

Updated: 2024-08-04T17:44:16.390Z

Reserved: 2018-11-26T00:00:00

Link: CVE-2019-0303

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-06-14T19:29:00.277

Modified: 2024-11-21T04:16:39.203

Link: CVE-2019-0303

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "SAP BusinessObjects Business Intelligence Platform (Administration Console)", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "< 4.2"}, {"status": "affected", "version": "< 4.3"}]}], "descriptions": [{"lang": "en", "value": "SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an attacker to build a special url that execute custom JavaScript code when the url is accessed."}], "problemTypes": [{"descriptions": [{"description": "Cross Site Scripting", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-06-14T18:50:18", "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242"}, {"tags": ["x_refsource_MISC"], "url": "https://launchpad.support.sap.com/#/notes/2637997"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@sap.com", "ID": "CVE-2019-0303", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SAP BusinessObjects Business Intelligence Platform (Administration Console)", "version": {"version_data": [{"version_name": "<", "version_value": "4.2"}, {"version_name": "<", "version_value": "4.3"}]}}]}, "vendor_name": "SAP SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an attacker to build a special url that execute custom JavaScript code when the url is accessed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross Site Scripting"}]}]}, "references": {"reference_data": [{"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242", "refsource": "MISC", "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242"}, {"name": "https://launchpad.support.sap.com/#/notes/2637997", "refsource": "MISC", "url": "https://launchpad.support.sap.com/#/notes/2637997"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:44:16.390Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://launchpad.support.sap.com/#/notes/2637997"}]}]}, "cveMetadata": {"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "assignerShortName": "sap", "cveId": "CVE-2019-0303", "datePublished": "2019-06-14T18:50:18", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:44:16.390Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:businessobjects:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "07B4BCC2-3F12-4A66-AF86-1C8C2B418B69", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:businessobjects:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7445C0BF-43DD-4A04-83AF-2DDB7C393333", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an attacker to build a special url that execute custom JavaScript code when the url is accessed."}, {"lang": "es", "value": "Business Intelligence Platform (Consola de administraci\u00f3n) de SAP BusinessObjects, versiones 4.2, 4.3, m\u00f3dulo BILogon/appService.jsp est\u00e1 reflejando el par\u00e1metro errMsg solicitado en el contenido de la respuesta sin saneamiento. Este podr\u00eda ser utilizado por un atacante para crear una URL especial que ejecute c\u00f3digo JavaScript personalizado cuando la URL sea accedida."}], "id": "CVE-2019-0303", "lastModified": "2024-11-21T04:16:39.203", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-06-14T19:29:00.277", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/2637997"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/2637997"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}