VDB
CVE-2022-35291
CVE-2022-35291
PUBLISHED
CVSS 8.100000381469727 HIGH
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
EPSS 0.23% · 46.1th percentile
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.23%
46.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP | SAP Financial Consolidation | |
| SAP | SAP BusinessObjects Business Intelligence | |
| SAP | N/A | |
| sap | successfactors_mobile | 8.0.5, 8.0.5 |
| SAP | NetWeaver Application Server ABAP et ABAP Platform |
Timeline
- Jul 27, 2022 CVE Published
- Jul 28, 2022 EPSS Score
- Sep 13, 2022 EPSS Score
- Oct 29, 2022 EPSS Score
- Dec 15, 2022 EPSS Score
- Jan 30, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 18, 2023 EPSS Score
- May 4, 2023 EPSS Score
- Jun 19, 2023 EPSS Score
- Aug 5, 2023 EPSS Score
- Sep 21, 2023 EPSS Score
References
- https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=1&todaysdate=2022-11-09 advisory
- https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=1&todaysdate=2022-09-14 advisory
- https://launchpad.support.sap.com/#/notes/3226411 technical
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-35291 advisory