Intrusion Prevention

SAP.BusinessObjects.Axis2.Default.Admin.Password

Description

This indicates an attack attempt to exploit a Cross-Site Request Forgery vulnerability in SAP BusinessObjects Enterprise XI 3.2 and CA ARCserve D2D r15.
The vulnerability may allow remote attackers to execute arbitrary code via sending a crafted request.

Affected Products

SAP BusinessObjects Enterprise XI 3.2
CA ARCserve D2D r15

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2010-0219