PT-2022-18553 · Sap · Sap Focused Run
Yvan Genuer
·
Published
2022-04-12
·
Updated
2023-02-01
·
CVE-2022-27657
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SAP Focused Run (Simple Diagnostics Agent 1.0) version 1.0
Description
A highly privileged remote attacker can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information.
Recommendations
For SAP Focused Run (Simple Diagnostics Agent 1.0) version 1.0, consider restricting access to sensitive directories until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Focused Run