CVE-2022-41268

Published: 13/12/2022 Updated: 07/11/2023

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 0

In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap business planning and consolidation 751
sap business planning and consolidation 752
sap business planning and consolidation 753
sap business planning and consolidation 754
sap business planning and consolidation 755
sap business planning and consolidation 810
sap business planning and consolidation 200
sap business planning and consolidation 750
sap business planning and consolidation 756
sap business planning and consolidation 757
sap business planning and consolidation 300

CWE-269 https://launchpad.support.sap.com/#/notes/3271091 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-41268

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect