CVE-2022-35298
https://notcve.org/view.php?id=CVE-2022-35298
SAP NetWeaver Enterprise Portal (KMC) - version 7.50, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting vulnerability. The KMC servlet is vulnerable to an XSS attack. The execution of script content by a victim registered on the portal could compromise the confidentiality and integrity of the victim’s web browser session.
• https://launchpad.support.sap.com/#/notes/3219164
• https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-35294
https://notcve.org/view.php?id=CVE-2022-35294
An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users resulting in a stored Cross-Site-Scripting attack. This could lead to information disclosure including stealing authentication information and impersonating the affected user.
• https://launchpad.support.sap.com/#/notes/3218177
• https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-35292
https://notcve.org/view.php?id=CVE-2022-35292
In the SAP Business One application, when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path, which allows a user to gain SYSTEM privileges. If the service is exploited by adversaries, it can be used to gain privileged permissions on a system or network, leading to high impact on Confidentiality, Integrity, and Availability.
• https://launchpad.support.sap.com/#/notes/3223392
• https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• CWE-428: Unquoted Search Path or Element
CVE-2022-35295 – SAP@ Host Agent Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-35295
In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves. SAP@ Host Agent suffers from a privilege escalation vulnerability.
• http://packetstormsecurity.com/files/170233/SAP-Host-Agent-Privilege-Escalation.html
• http://seclists.org/fulldisclosure/2022/Dec/12
• https://launchpad.support.sap.com/#/notes/3159736
• https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• CWE-755: Improper Handling of Exceptional Conditions
CVE-2022-32245
https://notcve.org/view.php?id=CVE-2022-32245
SAP BusinessObjects Business Intelligence Platform (Open Document) - versions 420, 430, allows an unauthenticated attacker to retrieve sensitive information in plain text over the network. On successful exploitation, the attacker can view any data available for a business user and put load on the application by an automated attack, thus completely compromising confidentiality but causing a limited impact on the availability of the application.
• https://launchpad.support.sap.com/#/notes/3210823
• https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• CWE-319: Cleartext Transmission of Sensitive Information