Rewterz

Rewterz Threat Alert – DNS Compromise Attack Phishing Spam

June 11, 2019
Rewterz

Rewterz Threat Advisory – CVE-2019-7845 – Adobe Flash Player Arbitrary Code Execution Vulnerability

June 12, 2019

Rewterz Threat Advisory – CVE-2019-0303 – SAP BusinessObjects BI Administration Console Cross Site Scripting Vulnerability

Severity

Medium

Analysis Summary

Certain input related to Administration Console is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.

Impact

Cross-Site Scripting

Affected Vendors

SAP

Affected Products

SAP BusinessObjects BI 4.2 and 4.3

Remediation

Vendor has released updates for the following product.

Apply SAP Note 2637997.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.