Описание
Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active directory of a company. This leads to high impact on confidentiality, integrity and availability of the Windows server.
EPSS
7.8 High
CVSS3
Дефекты
Связанные уязвимости
Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active directory of a company. This leads to high impact on confidentiality, integrity and availability of the Windows server.
Уязвимость инструмента для упрощения установки и настройки систем SAP SAP Setup, связанная с неконтролируемым элементом пути поиска, позволяющая нарушителю повысить свои привилегии
EPSS
7.8 High
CVSS3