CVE-2022-22531 - OpenCVE

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Sap	S\/4hana

Configuration 1 [-]

OR	cpe:2.3:a:sap:s\/4hana:100:::::::*
	cpe:2.3:a:sap:s\/4hana:101:::::::*
	cpe:2.3:a:sap:s\/4hana:102:::::::*
	cpe:2.3:a:sap:s\/4hana:103:::::::*
	cpe:2.3:a:sap:s\/4hana:104:::::::*
	cpe:2.3:a:sap:s\/4hana:105:::::::*
	cpe:2.3:a:sap:s\/4hana:106:::::::*

References

Link	Resource
https://launchpad.support.sap.com/#/notes/3112928	Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: sap

Published: 2022-01-14T19:11:28

Updated: 2023-07-10T18:07:38.847Z

Reserved: 2022-01-04T00:00:00

Link: CVE-2022-22531

JSON object: View

NVD Information

Status : Modified

Published: 2022-01-14T20:15:15.880

Modified: 2023-07-10T19:15:09.557

Link: CVE-2022-22531

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SAP S/4HANA", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "100"}, {"status": "affected", "version": "101"}, {"status": "affected", "version": "102"}, {"status": "affected", "version": "103"}, {"status": "affected", "version": "104"}, {"status": "affected", "version": "105"}, {"status": "affected", "version": "106"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.</p>"}], "value": "The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.\n\n"}], "problemTypes": [{"descriptions": [{"description": "Cross-Site Scripting", "lang": "en"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2023-07-10T18:07:38.847Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://launchpad.support.sap.com/#/notes/3112928"}, {"tags": ["x_refsource_MISC"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@sap.com", "ID": "CVE-2022-22531", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SAP S/4HANA", "version": {"version_data": [{"version_name": "<", "version_value": "100"}, {"version_name": "<", "version_value": "101"}, {"version_name": "<", "version_value": "102"}, {"version_name": "<", "version_value": "103"}, {"version_name": "<", "version_value": "104"}, {"version_name": "<", "version_value": "105"}, {"version_name": "<", "version_value": "106"}]}}]}, "vendor_name": "SAP SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified."}]}, "impact": {"cvss": {"baseScore": "null", "vectorString": "null", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-Site Scripting"}]}]}, "references": {"reference_data": [{"name": "https://launchpad.support.sap.com/#/notes/3112928", "refsource": "MISC", "url": "https://launchpad.support.sap.com/#/notes/3112928"}, {"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035", "refsource": "MISC", "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035"}]}}}}, "cveMetadata": {"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "assignerShortName": "sap", "cveId": "CVE-2022-22531", "datePublished": "2022-01-14T19:11:28", "dateReserved": "2022-01-04T00:00:00", "dateUpdated": "2023-07-10T18:07:38.847Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:s\\/4hana:100:*:*:*:*:*:*:*", "matchCriteriaId": "11051D6A-FC81-4951-ACDA-BB07D5A5D751", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4hana:101:*:*:*:*:*:*:*", "matchCriteriaId": "E6FE144C-BAF2-4E45-93EE-D70764BDEFD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4hana:102:*:*:*:*:*:*:*", "matchCriteriaId": "55BACB30-A607-410E-AB05-E991CC19CE12", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4hana:103:*:*:*:*:*:*:*", "matchCriteriaId": "95A0C742-4CBD-46B8-B2B3-5949EFC82A6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4hana:104:*:*:*:*:*:*:*", "matchCriteriaId": "14A540DA-F234-4EEA-ADE8-4F6306A86C1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4hana:105:*:*:*:*:*:*:*", "matchCriteriaId": "088EF501-76F9-44EC-B8B9-AED6F6096C03", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4hana:106:*:*:*:*:*:*:*", "matchCriteriaId": "E0023602-B509-4B20-9B29-20EEE88E1692", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.\n\n"}, {"lang": "es", "value": "La aplicaci\u00f3n F0743 Create Single Payment de SAP S/4HANA - versiones 100, 101, 102, 103, 104, 105, 106, no comprueba los archivos cargados o descargados. Esto permite a un atacante con derechos de usuario b\u00e1sicos ejecutar c\u00f3digo de script arbitrario, resultando en una divulgaci\u00f3n o modificaci\u00f3n de informaci\u00f3n confidencial"}], "id": "CVE-2022-22531", "lastModified": "2023-07-10T19:15:09.557", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-01-14T20:15:15.880", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required"], "url": "https://launchpad.support.sap.com/#/notes/3112928"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}