VDB

CVE-2022-32247

CVE-2022-32247 PUBLISHED CVSS 6.099999904632568 MEDIUM

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

EPSS 1.79% · 83.1th percentile

Risk Scores

CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
1.79%
83.1th percentile

Affected Products

VendorProductVersions
sapnetweaver_enterprise_portal7.10, 7.20, 7.30
SAP SESAP NetWeaver Enterprise Portal7.10, 7.11, 7.20

Exploit Intelligence

Timeline

  • Jul 12, 2022 CVE Published
  • Jul 13, 2022 EPSS Score
  • Jul 21, 2022 EPSS Score
  • Aug 30, 2022 EPSS Score
  • Oct 16, 2022 EPSS Score
  • Dec 2, 2022 EPSS Score
  • Jan 18, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 23, 2023 EPSS Score
  • Jul 26, 2023 EPSS Score
  • Sep 11, 2023 EPSS Score
  • Oct 28, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›