Posted by Onapsis Research Labs on Dec 16

Onapsis Security Advisory ONAPSIS-2014-034: SAP Business Objects Search
Token Privilege Escalation via CORBA

1. Impact on Business
=====================

By exploiting this vulnerability a remote and potentially
unauthenticated attacker would be able to access or modify any
information stored on the SAP BusineesObjects server.
The attacker could also connect to the business systems depending on the
configuration of the BO infrastructure.

Risk…