Lucene search
SapCVELIST:CVE-2022-26102HistoryMar 08, 2022 - 1:35 p.m.
CVE-2022-26102
2022-03-0813:35:51
CWE-862
sap
www.cve.org
0.001 Low
EPSS
Percentile
22.9%
Due to missing authorization check, SAP NetWeaver Application Server for ABAP - versions 700, 701, 702, 731, allows an authenticated attacker, to access content on the start screen of any transaction that is available with in the same SAP system even if he/she isnβt authorized for that transaction. A successful exploitation could expose information and in worst case manipulate data before the start screen is executed, resulting in limited impact on confidentiality and integrity of the application.
CNA Affected
[
{
"product": "SAP NetWeaver Application Server for ABAP",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 700"
},
{
"status": "affected",
"version": "< 701"
},
{
"status": "affected",
"version": "< 702"
},
{
"status": "affected",
"version": "< 731"
}
]
}
]Related
cve
cve
CVE-2022-26102
2022-03-10 17:47:30
prion
prion
Authorization
2022-03-10 17:47:00
nessus
nessus
SAP NetWeaver AS ABAP Missing Authorization (3145997)
2023-01-12 00:00:00
nvd
nvd
CVE-2022-26102
2022-03-10 17:47:30