CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27657 – SAP FRUN Simple Diagnostics Agent 1.0 Directory Traversal
https://notcve.org/view.php?id=CVE-2022-27657
A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) - version 1.0. Un atacante remoto con altos privilegios, puede obtener acceso no autorizado para mostrar el contenido de directorios restringidos aprovechando la insuficiente comprobación de la información de la ruta en SAP Focused Run (Simple Diagnostics Agent versión 1.0) - versión 1.0 SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from a directory traversal vulnerability. • http://packetstormsecurity.com/files/167563/SAP-FRUN-Simple-Diagnostics-Agent-1.0-Directory-Traversal.html http://seclists.org/fulldisclosure/2022/Jun/41 https://launchpad.support.sap.com/#/notes/3159091 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •