CVE-2022-31597

🗓️ 12 Jul 2022 20:27:00Reported by sapType

SAP S/4HANA privilege escalation vulnerability

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-31597	12 Jul 202221:15	–	attackerkb
BDU FSTEC	The vulnerability of the Application Business Partner Extension component of the SAP S/4HANA software platform allows attackers to enhance their privileges.	12 Sep 202200:00	–	bdu_fstec
CNNVD	SAP S/4HANA 安全漏洞	12 Jul 202200:00	–	cnnvd
CNVD	SAP S/4HANA Licensing Issue Vulnerability	15 Jul 202200:00	–	cnvd
CVE	CVE-2022-31597	12 Jul 202220:27	–	cve
EUVD	EUVD-2022-53051	3 Oct 202520:07	–	euvd
NVD	CVE-2022-31597	12 Jul 202221:15	–	nvd
OSV	CVE-2022-31597	12 Jul 202221:15	–	osv
Prion	Authorization	12 Jul 202221:15	–	prion
RedhatCVE	CVE-2022-31597	22 May 202522:54	–	redhatcve

[
  {
    "product": "SAP S/4HANA",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "S4CORE 101"
      },
      {
        "status": "affected",
        "version": "102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "SAPSCORE 127"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

12 Jul 2022 20:27Current

5.9Medium risk

Vulners AI Score5.9

EPSS0.0036

CWE-862