← Back

CVE-2022-22545

nvd nist
Published: Feb 9, 2022Modified: Nov 21, 2024

JSON object

Loading...
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.2 / Impact: 3.6
Source: NVD

Description

A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756.

Affected (15)

Products: Sap: Netweaver Abap
Sap
1 product
Netweaver Abap
Configuration A
15 vulnerable
Vulnerable SoftwareAffected Versions
Sap
Netweaver Abap
Version 700
Netweaver Abap
Version 701
Netweaver Abap
Version 702
Netweaver Abap
Version 710
Netweaver Abap
Version 711
Netweaver Abap
Version 730
Netweaver Abap
Version 731
Netweaver Abap
Version 740
Netweaver Abap
Version 750
Netweaver Abap
Version 751
Netweaver Abap
Version 752
Netweaver Abap
Version 753
Netweaver Abap
Version 754
Netweaver Abap
Version 755
Netweaver Abap
Version 756

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cna@sap.com
Permissions RequiredVendor Advisory
Source: cna@sap.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.