Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-41272
HistoryDec 13, 2022 - 4:15 a.m.

Open redirect

2022-12-1304:15:00
PRIOn knowledge base
www.prio-n.com
8
open redirect
network attack
jndi exploit
unauthorized access
user data breach
system performance.

8.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.

CPENameOperatorVersion
netweaver_process_integrationeq7.50

Related

cvelist 1
cve 1
nvd 1
nessus 1
cvelist
cvelist
CVE-2022-41272
2022-12-13 03:05:13
cve
cve
CVE-2022-41272
2022-12-13 04:15:24
nvd
nvd
CVE-2022-41272
2022-12-13 04:15:24
nessus
nessus
SAP NetWeaver AS Java Multiple Vulnerabilities (April 2023)
2023-04-17 00:00:00

8.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON
Related for PRION:CVE-2022-41272
cvelist1cve1nvd1nessus1