Rewterz Threat Advisory – CVE-2019-1691 – Cisco Firepower Management Center Snort

February 21, 2019

Rewterz Threat Alert – Fraudulent Phishing Emails – IoCs

February 21, 2019

Rewterz Threat Advisory – CVE-2019-0251/ CVE-2019-0259 – SAP BusinessObjects BI Multiple Vulnerabilities

February 21, 2019

Severity

Medium

Analysis Summary

CVE-2019-0251

The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

CVE-2019-0259

SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.

Impact

Cross Site Scripting

Security Bypass

Affected Products

SAP BusinessObjects BI 4.2

SAP BusinessObjects BI 4.3

Remediation

Apply SAP Notes 2727564 and 2638175.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Bitter APT – Active IOCs

Google Chrome 0-Day Vulnerability Actively Exploited – Immediate Update

Multiple Microsoft Windows Products Zero-Day Vulnerabilities Exploit in the Wild

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2019-1691 – Cisco Firepower Management Center Snort

Rewterz Threat Alert – Fraudulent Phishing Emails – IoCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.