CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41272
https://notcve.org/view.php?id=CVE-2022-41272
An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application. Un atacante no autenticado a través de la red puede conectarse a una interfaz abierta expuesta a través de JNDI mediante User Defined Search (UDS) de SAP NetWeaver Process Integration (PI), versión 7.50, y hacer uso de una API de directorio y nombres abiertos para acceder a servicios que pueden ser se utiliza para realizar operaciones no autorizadas que afectan a los usuarios y a los datos en todo el sistema. Esto permite al atacante tener acceso de lectura completo a los datos del usuario, realizar modificaciones limitadas en los datos del usuario y degradar el rendimiento del sistema, lo que genera un alto impacto en la confidencialidad y un impacto limitado en la disponibilidad e integridad de la aplicación. • https://github.com/redrays-io/CVE-2022-41272 https://launchpad.support.sap.com/#/notes/3273480 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-306: Missing Authentication for Critical Function CWE-862: Missing Authorization •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41271
https://notcve.org/view.php?id=CVE-2022-41271
An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability affects local users and data, leading to a considerable impact on confidentiality as well as availability and a limited impact on the integrity of the application. These operations can be used to: * Read any information * Modify sensitive information * Denial of Service attacks (DoS) * SQL Injection Un usuario no autenticado puede conectarse a una interfaz abierta expuesta a través de JNDI por el sistema de mensajería de SAP NetWeaver Process Integration (PI), versión 7.50. Este usuario puede hacer uso de una API de directorio y nombres abiertos para acceder a servicios que podrían realizar operaciones no autorizadas. • https://launchpad.support.sap.com/#/notes/3267780 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-306: Missing Authentication for Critical Function CWE-862: Missing Authorization •
CVSS: 8.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-41268
https://notcve.org/view.php?id=CVE-2022-41268
In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data. En algunos roles estándar de SAP en SAP Business Planning and Consolidation - versiones - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, se utiliza un código de transacción reservado para el cliente. Al implementar dicho código de transacción, un usuario malintencionado puede ejecutar una funcionalidad de transacción no autorizada. • https://launchpad.support.sap.com/#/notes/3271091 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-269: Improper Privilege Management •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-41267
https://notcve.org/view.php?id=CVE-2022-41267
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application. SAP Business Objects Platform: versiones 420 y 430, permite a un atacante con privilegios de usuario de BI normal cargar/reemplazar cualquier archivo en el servidor de Business Objects a nivel del sistema operativo, lo que le permite al atacante tomar control total del sistema y causar un alto impacto en confidencialidad, integridad y disponibilidad de la solicitud. • https://launchpad.support.sap.com/#/notes/3239475 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-41266
https://notcve.org/view.php?id=CVE-2022-41266
Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce. Debido a la falta de una validación de entrada adecuada, SAP Commerce Webservices 2.0 (Swagger UI): versiones 1905, 2005, 2105, 2011, 2205, permite entradas maliciosas de fuentes no confiables, que un atacante puede aprovechar para ejecutar un ataque de cross site scripting DOM (XSS). Como resultado, un atacante puede robar tokens de usuario y lograr el control total de la cuenta, incluido el acceso a herramientas administrativas en SAP Commerce. • https://launchpad.support.sap.com/#/notes/3248255 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •