OS Credentials Exposure in SAP Products by SAP
CVE-2022-39013

7.6HIGH

Key Information:

Vendor: SAP
Status: SAP Businessobjects Business Intelligence Platform (program Objects)
Vendor: CVE Published:; 11 October 2022

What is CVE-2022-39013?

An authenticated attacker may exploit a vulnerability in SAP products to access underlying operating system credentials. This access can lead to unauthorized modifications of system data, potentially resulting in significant breaches of confidentiality while posing risks to the integrity and availability of affected applications. Organizations utilizing affected SAP products should assess their security posture and implement necessary protective measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP BusinessObjects Business Intelligence Platform (Program Objects) 420

SAP BusinessObjects Business Intelligence Platform (Program Objects) 430

References

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-...

https://launchpad.support.sap.com/#/notes/3229132

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 11, 2022
Vulnerability Reserved
Aug 29, 2022

JSON

SAP