Published: 11/10/2022 Updated: 28/10/2022

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an malicious user to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap manufacturing execution 15.2
sap manufacturing execution 15.3
sap manufacturing execution 15.1

[CVE-2022-39802] File path traversal vulnerability in SAP Manufacturing Execution

3242933 – [CVE-2022-39802] File path traversal vulnerability in SAP Manufacturing Execution General information Risk: CRITICAL Versions Affected: SAP MFG EXECUTION CORE 151 SAP MFG EXECUTION CORE 152 SAP MFG EXECUTION CORE 153 Vendor URL: sapcom Bug: File path traversal vulnerability Reported: September 2022 Date of Publ

CWE-22 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html https://launchpad.support.sap.com/#/notes/3242933 http://packetstormsecurity.com/files/168716/SAP-Manufacturing-Execution-Core-15.3-Path-Traversal.html https://nvd.nist.gov https://github.com/redrays-io/CVE-2022-39802

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-39802

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect