Privilege Escalation Vulnerability in SAP Products
CVE-2022-31594

6.7 MEDIUM

Key Information:

Vendor: SAP
CVE Published: 14 June 2022

Summary

This vulnerability allows a highly privileged user to exploit a SUID-root program, enabling them to escalate privileges to the root level on a local Unix system. The flaw poses significant risks, as attackers could gain unauthorized access to sensitive data and system control. It's essential for organizations to apply relevant security updates to safeguard their systems against such exploits.

Affected Version(s)

SAP Adaptive Server Enterprise (ASE) KERNEL 7.22

SAP Adaptive Server Enterprise (ASE) 7.49

SAP Adaptive Server Enterprise (ASE) 7.53

CVSS V3.1

Score: 6.7
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
