PT-2022-25731 · Sap · Sap Financial Consolidation

Published: 2022-10-03 · Updated: 2022-12-21 · CVE-2022-41208

CVSS v3.1: 5.4 Medium

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SAP Financial Consolidation version 1010

Description

The issue is caused by insufficient input validation, allowing an authenticated attacker with user privileges to alter the current user session. This can lead to the attacker being able to view or modify information, resulting in a limited impact on the confidentiality and integrity of the application.

Recommendations

For SAP Financial Consolidation version 1010, consider restricting access to user session modification functionality until a fix is available. As a temporary workaround, limit user privileges to minimize the risk of exploitation.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2022-41208

Affected Products

Sap Financial Consolidation