Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-22530

Опубликовано: 14 янв. 2022
Источник: nvd
CVSS3: 8.1
CVSS2: 7.5
EPSS Низкий

Описание

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:s\/4hana:100:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:101:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:102:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:103:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:104:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:105:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:106:*:*:*:*:*:*:*

EPSS

Процентиль: 65%
0.00487
Низкий

8.1 High

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-97gx-wpcj-m7f9

CVSS3: 8.1
github
около 4 лет назад

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application.

EPSS

Процентиль: 65%
0.00487
Низкий

8.1 High

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo