CVE-2022-39802

CVE-2022-39802

Vendor Sap Se
Product SAP Manufacturing Execution
Weakness CWE-22 · Path traversal
Published October 11, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure.

Key dates

02Disclosure timeline

October 11, 2022 CVE published
August 3, 2024 Record updated