4.9
CVE-2022-22545
- EPSS 0.36%
- Veröffentlicht 09.02.2022 23:15:19
- Zuletzt bearbeitet 21.11.2024 06:46:59
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
LoginA high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Netweaver Abap Version700
SAP ≫ Netweaver Abap Version701
SAP ≫ Netweaver Abap Version702
SAP ≫ Netweaver Abap Version710
SAP ≫ Netweaver Abap Version711
SAP ≫ Netweaver Abap Version730
SAP ≫ Netweaver Abap Version731
SAP ≫ Netweaver Abap Version740
SAP ≫ Netweaver Abap Version750
SAP ≫ Netweaver Abap Version751
SAP ≫ Netweaver Abap Version752
SAP ≫ Netweaver Abap Version753
SAP ≫ Netweaver Abap Version754
SAP ≫ Netweaver Abap Version755
SAP ≫ Netweaver Abap Version756
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.576 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.