NVD

Id
15308  
Name
CVE-2010-3980  
Description
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:N/I:N/A:P)  
Pub Date
2017-01-18  
Published
2010-10-18  
Modified Date
2010-10-19  
Seq
2010-3980  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
86234 15308 CVE-2010-3980 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37494 JVNDB-2010-003279 SAP BusinessObjects Enterprise の Dswsbobje におけるサービス運用妨害 (DoS) の脆弱性 SAP BusinessObjects Enterprise の Dswsbobje は、要求される CUID の数を制限しないため、サービス運用妨害状態となる脆弱性が存在します。 CVE-2010-3980 46560 CVE-2010-3980 15308 4 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003279.html 2010-10-18 2012-03-27 View