CVE-2022-41205
CVE-2022-41205
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
08 Nov 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application.
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H
Affected products
SAP SE · SAP GUI for WindowsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →