SAP GUI Authentication Vulnerability Exposes Local Network to Script Execution
CVE-2022-41205

5.5MEDIUM

Key Information:

Vendor

SAP

Vendor
CVE Published:
8 November 2022

What is CVE-2022-41205?

SAP GUI contains a vulnerability that permits authenticated attackers to execute scripts within the local network environment. Successful exploitation of this vulnerability allows attackers to access sensitive registry information, potentially compromising the application's availability. This security flaw underscores the necessity for organizations to implement robust security practices and monitor their SAP systems vigilantly.

Affected Version(s)

SAP GUI for Windows = 7.70

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-41205 : SAP GUI Authentication Vulnerability Exposes Local Network to Script Execution