Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSapCVELIST:CVE-2022-39802
HistoryOct 11, 2022 - 12:00 a.m.

CVE-2022-39802

2022-10-1100:00:00
CWE-22
sap
www.cve.org
sap manufacturing execution
arbitrary traversal
information disclosure

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

JSON

SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure.

CNA Affected

[
  {
    "vendor": "SAP SE",
    "product": "SAP Manufacturing Execution",
    "versions": [
      {
        "version": "15.1",
        "status": "affected"
      },
      {
        "version": "15.2",
        "status": "affected"
      },
      {
        "version": "15.3",
        "status": "affected"
      }
    ]
  }
]

Related

cnvd 1
prion 1
cve 1
nvd 1
cnvd
cnvd
SAP Manufacturing Execution Path Traversal Vulnerability
2022-10-13 00:00:00
prion
prion
Input validation
2022-10-11 21:15:00
cve
cve
CVE-2022-39802
2022-10-11 21:15:14
nvd
nvd
CVE-2022-39802
2022-10-11 21:15:14

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

JSON
Related for CVELIST:CVE-2022-39802
cnvd1prion1cve1nvd1