CVE-2022-22530

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:s\/4hana:100:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:101:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:102:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:103:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:104:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:105:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:106:*:*:*:*:*:*:*

History

21 Nov 2024, 06:46

Type Values Removed Values Added
References () https://launchpad.support.sap.com/#/notes/3112928 - Permissions Required () https://launchpad.support.sap.com/#/notes/3112928 - Permissions Required
References () https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035 - Vendor Advisory () https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035 - Vendor Advisory

10 Jul 2023, 19:15

Type Values Removed Values Added
Summary The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application. The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application.

Information

Published : 2022-01-14 20:15

Updated : 2024-11-21 06:46


NVD link : CVE-2022-22530

Mitre link : CVE-2022-22530

CVE.ORG link : CVE-2022-22530


JSON object : View

Products Affected

sap

  • s\/4hana