CVE-2022-39801

Name of the Vulnerable Software and Affected Versions SAP GRC Access control (affected versions not specified)

Description The issue allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation, the attacker can gain access to the admin session and completely compromise the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.