admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-225xx/CVE-2022-22530.json
cad-safe-bot 5d2a3862af Auto-Update: 2023-07-10T20:00:38.363993+00:00
2023-07-10 20:00:41 +00:00

141 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-22530",
"sourceIdentifier": "cna@sap.com",
"published": "2022-01-14T20:15:15.837",
"lastModified": "2023-07-10T19:15:09.487",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application.\n\n"
},
{
"lang": "es",
"value": "La aplicaci\u00f3n F0743 Create Single Payment de SAP S/4HANA - versiones 100, 101, 102, 103, 104, 105, 106, no comprueba los archivos cargados o descargados. Esto permite a un atacante con derechos de usuario b\u00e1sicos inyectar contenido peligroso o c\u00f3digo malicioso que podr\u00eda resultar en una modificaci\u00f3n de informaci\u00f3n cr\u00edtica o comprometer completamente la disponibilidad de la aplicaci\u00f3n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "COMPLETE",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.0,
"impactScore": 7.8,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "11051D6A-FC81-4951-ACDA-BB07D5A5D751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4hana:101:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FE144C-BAF2-4E45-93EE-D70764BDEFD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4hana:102:*:*:*:*:*:*:*",
"matchCriteriaId": "55BACB30-A607-410E-AB05-E991CC19CE12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4hana:103:*:*:*:*:*:*:*",
"matchCriteriaId": "95A0C742-4CBD-46B8-B2B3-5949EFC82A6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4hana:104:*:*:*:*:*:*:*",
"matchCriteriaId": "14A540DA-F234-4EEA-ADE8-4F6306A86C1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4hana:105:*:*:*:*:*:*:*",
"matchCriteriaId": "088EF501-76F9-44EC-B8B9-AED6F6096C03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4hana:106:*:*:*:*:*:*:*",
"matchCriteriaId": "E0023602-B509-4B20-9B29-20EEE88E1692"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3112928",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink