CVE-2022-31592
MEDIUMSAP Enterprise Extension Defense Forces & Public Security - Privile...
Title source: llmDescription
The application SAP Enterprise Extension Defense Forces & Public Security - versions 605, 606, 616,617,618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an authenticated user over the network, resulting in escalation of privileges leading to a limited impact on confidentiality.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Permissions Required, Vendor Advisory x_refsource_misc
https://launchpad.support.sap.com/#/notes/3196280
Scores
CVSS v3
4.3
EPSS
0.0015
EPSS Percentile
34.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-862
Status
published
Products (10)
sap/enterprise_extension_defense_forces_\&_public_security
605
sap/enterprise_extension_defense_forces_\&_public_security
606
sap/enterprise_extension_defense_forces_\&_public_security
616
sap/enterprise_extension_defense_forces_\&_public_security
617
sap/enterprise_extension_defense_forces_\&_public_security
618
sap/enterprise_extension_defense_forces_\&_public_security
802
sap/enterprise_extension_defense_forces_\&_public_security
803
sap/enterprise_extension_defense_forces_\&_public_security
804
sap/enterprise_extension_defense_forces_\&_public_security
805
sap/enterprise_extension_defense_forces_\&_public_security
806
Published
Jul 12, 2022
Tracked Since
Feb 18, 2026