Privilege Escalation in SAP NetWeaver Application Server and ABAP Platform
CVE-2022-29611

8.8HIGH

Key Information:

Vendor: SAP
Status: SAP Netweaver Application Server For Abap And Abap Platform
Vendor: CVE Published:; 11 May 2022

What is CVE-2022-29611?

The SAP NetWeaver Application Server for ABAP and ABAP Platform are affected by a security flaw where the systems fail to enforce adequate authorization checks for authenticated users. This oversight allows users to gain elevated privileges, potentially leading to unauthorized access to critical components and data within the system. Organizations using these platforms should take immediate steps to mitigate this vulnerability and ensure proper security controls are in place.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP NetWeaver Application Server for ABAP and ABAP Platform 700

SAP NetWeaver Application Server for ABAP and ABAP Platform 701

SAP NetWeaver Application Server for ABAP and ABAP Platform 702

References

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/3165801

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 11, 2022
Vulnerability Reserved
Apr 25, 2022

JSON

SAP

What is CVE-2022-29611?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.