PT-2022-25783 · Sap · Sap Solution Manager

Published 2022-12-13 · Updated 2022-12-15 · CVE-2022-41275

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SAP Solution Manager (Enterprise Search) versions 740 and 750

Description

An unauthenticated attacker can generate a link that, if clicked by a logged-in user, redirects that user to a malicious page. This could potentially allow the attacker to read or modify sensitive information or expose the user to a phishing attack, with little impact on confidentiality and integrity.

Recommendations

For SAP Solution Manager (Enterprise Search) versions 740 and 750, consider applying a patch or fix to prevent redirection to malicious pages. As a temporary workaround, consider restricting access to sensitive information and implementing additional phishing attack detection measures until a patch is available.

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2022-41275

Affected Products

Sap Solution Manager