← voltar
CVE-2022-22542

CVE-2022-22542

EPSS 0.9%CWE-200
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
09 fev 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitly authorized to have access to that information, which could compromise Confidentiality.
Produtos afetados
SAP SE · SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://launchpad.support.sap.com/#/notes/3142092https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html