CVE-2022-41268

In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.
Configurations

Configuration 1

cpe:2.3:a:sap:business_planning_and_consolidation:751:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:752:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:753:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:754:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:755:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:810:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:200:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:750:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:756:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:757:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_planning_and_consolidation:300:*:*:*:*:*:*:*

Information

Published : 2022-12-13 03:15

Updated : 2022-12-15 03:49


NVD link : CVE-2022-41268

Mitre link : CVE-2022-41268

Products Affected
No products.
CWE