CVE-2022-39802

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure.

CWE	CWE-22
Vendor	sap se
Product	sap manufacturing execution
Published	Oct 11, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for sap se sap manufacturing execution

Be the first to know when new unknown vulnerabilities affecting sap se sap manufacturing execution are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

SAP SE / SAP Manufacturing Execution

15.1 15.2 15.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

sap.com: https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html launchpad.support.sap.com: https://launchpad.support.sap.com/#/notes/3242933 packetstormsecurity.com: http://packetstormsecurity.com/files/168716/SAP-Manufacturing-Execution-Core-15.3-Path-Traversal.html