← volver
CVE-2022-31590

CVE-2022-31590

EPSS 0.2%CWE-428
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.2%KEV nãoPoC Patch
Ciclo de vida
14 jun 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system.
Productos afectados
SAP SE · SAP PowerDesigner Proxy 16.7

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://launchpad.support.sap.com/#/notes/3197005https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html