CVE-2022-39801

SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and completely compromise the application.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.6 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://launchpad.support.sap.com/#/notes/3237075	Permissions Required Vendor Advisory
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html	Vendor Advisory
https://launchpad.support.sap.com/#/notes/3237075	Permissions Required Vendor Advisory
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:access_control:12:*:*:*:*:*:*:*

History

21 Nov 2024, 07:18

Type	Values Removed	Values Added
References	~~() https://launchpad.support.sap.com/#/notes/3237075 - Permissions Required, Vendor Advisory~~	() https://launchpad.support.sap.com/#/notes/3237075 - Permissions Required, Vendor Advisory
References	~~() https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory~~	() https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory

Information

Published : 2022-09-13 16:15

Updated : 2024-11-21 07:18

NVD link : CVE-2022-39801

Mitre link : CVE-2022-39801

CVE.ORG link : CVE-2022-39801

JSON object : View

Products Affected

sap

access_control

CWE

CWE-287

Improper Authentication

{"id": "CVE-2022-39801", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}]}, "published": "2022-09-13T16:15:09.170", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3237075", "tags": ["Permissions Required", "Vendor Advisory"], "source": "cna@sap.com"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}, {"url": "https://launchpad.support.sap.com/#/notes/3237075", "tags": ["Permissions Required", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and completely compromise the application."}, {"lang": "es", "value": "SAP GRC Access control Emergency Access Management permite a un atacante autenticado acceder a una sesi\u00f3n de Firefighter incluso despu\u00e9s de haberla cerrado en Firefighter Logon Pad. Este ataque s\u00f3lo puede lanzarse dentro del firewall. Si es explotado con \u00e9xito, el atacante puede conseguir acceso a la sesi\u00f3n de administrador y comprometer completamente la aplicaci\u00f3n"}], "lastModified": "2024-11-21T07:18:16.603", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:access_control:12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C685DE70-CE9E-43D0-BCE5-A7B90444A13E"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}