Local Privilege Escalation in SAP NetWeaver Application Server and HANA Database
CVE-2022-29614
5MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 June 2022
What is CVE-2022-29614?
A vulnerability exists within the sapuxuserchk utility of SAP NetWeaver Application Server ABAP and HANA Database that could be exploited by an attacker with physical access to the Unix systems running these products. This flaw allows for local privilege escalation, potentially compromising the availability of affected applications. Mitigating this risk is crucial to maintain the integrity and confidentiality of the system.
Affected Version(s)
SAP NetWeaver AS ABAP, AS Java, ABAP Platform and HANA Database KERNEL 7.22
SAP NetWeaver AS ABAP, AS Java, ABAP Platform and HANA Database 7.49
SAP NetWeaver AS ABAP, AS Java, ABAP Platform and HANA Database 7.53