Lucene search

PRIOn knowledge basePRION:CVE-2022-41208

HistoryNov 08, 2022 - 10:15 p.m.

Input validation

2022-11-0822:15:00

PRIOn knowledge base

www.prio-n.com

input validation

sap financial consolidation

version 1010

authenticated attacker

user privileges

alter user session

successful exploitation

view or modify information

limited impact

confidentiality

integrity

application security

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidentiality and integrity of the application.

CPENameOperatorVersion
financial_consolidationeq1010

CPE	Name	Operator	Version
	financial_consolidation	eq	1010

References

launchpad.support.sap.com/

www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html