Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-29618
HistoryJun 14, 2022 - 7:15 p.m.

Input validation

2022-06-1419:15:00
PRIOn knowledge base
www.prio-n.com
2
input validation
sap netweaver
design time repository
unauthenticated attacker
script injection
code execution
confidentiality
integrity

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

35.9%

Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

35.9%

Related for PRION:CVE-2022-29618