PT-2022-19727 · Sap · Sap Netweaver Application Server Abap

M. Li · Published 2022-06-14 · Updated 2022-10-27 · CVE-2022-29614

CVSS v3.1: 5.0 (Medium)

Vector: AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions

SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22

Description

The issue concerns the SAP startservice, specifically the s-bit helper program sapuxuserchk on Unix systems, which can be physically abused, resulting in a privilege escalation for an attacker. This leads to a low impact on confidentiality and integrity but a significant impact on availability.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Improper Privilege Management

Related Identifiers

CVE-2022-29614

Affected Products

Abap Platform
Hana Database
Kernel
Krnl64Uc
Sap Netweaver Application Server Abap
Sap Netweaver Application Server Java
Sap Host Agent