CVE-2021-40500

{"id": "CVE-2021-40500", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-10-12T15:15:09.770", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3074693", "tags": ["Permissions Required"], "source": "cna@sap.com"}, {"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can enable the attacker to retrieve arbitrary files from the server."}, {"lang": "es", "value": "SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versiones 420, 430, permite a un atacante no autenticado explotar las comprobaciones XML faltantes en los endpoints para leer datos confidenciales. Estos endpoints est\u00e1n normalmente expuestos a trav\u00e9s de la red y una explotaci\u00f3n con \u00e9xito puede permitir al atacante recuperar archivos arbitrarios del servidor"}], "lastModified": "2021-10-18T18:21:17.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94D99965-4042-45FB-9DD1-E2179BC2CB04"}, {"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8736E5E3-BF1A-4E3C-92B9-E81C4F7B4877"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}