Privilege Escalation Vulnerability in SAP Products
CVE-2022-31594
6.7 MEDIUM
Key Information:
- Vendor: SAP
- CVE Published: 14 June 2022
Summary
This vulnerability allows a highly privileged user to exploit a SUID-root program, enabling them to escalate privileges to the root level on a local Unix system. The flaw poses significant risks, as attackers could gain unauthorized access to sensitive data and system control. It's essential for organizations to apply relevant security updates to safeguard their systems against such exploits.
Affected Version(s)
SAP Adaptive Server Enterprise (ASE) KERNEL 7.22
SAP Adaptive Server Enterprise (ASE) 7.49
SAP Adaptive Server Enterprise (ASE) 7.53
CVSS V3.1
Score: 6.7
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved