-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forÂ
Success! Subscription added.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
This group has been set to read-only. Please go to our new Developer forums to publish your content instead.
Read only
Vulernabilities
Former Member
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2020 Mar 16 2:35 PM
763
- SAP Managed Tags
- Security
Is there a version of the crystal reports runtime installer that addresses the following vulnerabilities:
- 1.Vulnerabilities exist because CRRuntime installs IIS to the root of C:\. This is considered a high vulnerability.
- This can be found in the following locations within the application:
- C:\inetpub
- 2.Vulnerabilities exist because CRRuntime installs an unknown version of libcurl which may contain vulnerabilities according to the following Common Vulnerabilities datastore link:
- https://www.cvedetails.com/vulnerability-list/vendor_id-12682/product_id-25085/Haxx-Libcurl.html
- This can be found in the following location within the application: c:\program files (x86)\sap businessobjects\crystal reports for .net framework 4.0\common\sap businessobjects enterprise xi 4.0\win32_x86\libcurl.dll
- 3.Vulnerabilities exist because CRRuntime installs libssh2 version 1.4.3 which contain vulnerabilities according to the following Common Vulnerabilities datastore link:
- This can be found in the following location within the application:c:\program files (x86)\sap businessobjects\crystal reports for .net framework 4.0\common\sap businessobjects enterprise xi 4.0\win32_x86\libssh2.dll
- This can be found in the following location within the application: c:\program files (x86)\sap businessobjects\crystal reports for .net framework 4.0\common\sap businessobjects enterprise xi 4.0\win32_x86\ssleaym32.dll
- This can be found in the following location within the application: c:\program files (x86)\sap businessobjects\crystal reports for .net framework 4.0\common\sap businessobjects enterprise xi 4.0\win32_x86\xerces-c_3_1.dll
0 REPLIES 0
Bluesky