CVE-2015-2076

EUVD-2015-2187
The Auditing service in SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Affected Products (NVD)
VendorProductVersion
sapbusinessobjects_edge
4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/130523/SAP-Business-Objects-Unauthorized-Audit-Information-Access.html
http://seclists.org/fulldisclosure/2015/Feb/94
http://www.securityfocus.com/archive/1/534750/100/0/threaded
http://www.securityfocus.com/bid/72775
http://packetstormsecurity.com/files/130523/SAP-Business-Objects-Unauthorized-Audit-Information-Access.html
http://seclists.org/fulldisclosure/2015/Feb/94
http://www.securityfocus.com/archive/1/534750/100/0/threaded
http://www.securityfocus.com/bid/72775