CVE-2022-22542

CVE-2022-22542

Vendor Sap Se

Product SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)

Weakness CWE-200 · Info exposure

Published February 9, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitly authorized to have access to that information, which could compromise Confidentiality.

Key dates

02Disclosure timeline

February 9, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-22542

Related vulnerabilities

Identifiers

CVE CVE-2022-22542

CWE CWE-200

Affected versions

Vendor Sap Se

Product SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)

Affected 104

Vendor Sap Se

Product SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)

Affected 105

Vendor Sap Se

Product SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)

Affected 106

01Description

02Disclosure timeline

03References

04Related CVE