2 matches found
CVE-2022-41272
An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search UDS of SAP NetWeaver Process Integration PI - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized...
CVE-2022-41272
SAP NetWeaver Process Integration (PI) 7.50 is affected by CVE-2022-41272. An unauthenticated attacker can connect to open interfaces exposed via JNDI in the UDS feature and use open naming/directory APIs to access services, enabling full read access to user data, limited modifications, and syste...