Main Vulnerability Database Exploits ID:5916 - Exploit for Information disclosure in Crystal Reports - CVE-2019-0285

ID:5916 - Exploit for Information disclosure in Crystal Reports - CVE-2019-0285

Published: June 17, 2021

Vulnerability identifier: #VU36006

Vulnerability risk: High

CVE-ID: CVE-2019-0285

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
Crystal Reports

Link to public exploit:

https://www.exploit-db.com/exploits/47061/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.

Remediation

Install update from vendor's website.

ID:5916 - Exploit for Information disclosure in Crystal Reports - CVE-2019-0285

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human