CVE-2022-31593

CWE-743 documents3 sources
Severity
8.8HIGH
EPSS
0.7%
top 27.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Business ONESAP Business ONE
Timeline
PublishedJul 12
Latest updateJul 13

Description

SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5sap_se/sap_business_one10.0

🔴Vulnerability Details

2
GHSA
GHSA-97gw-86xv-r667: SAP Business One client - version 102022-07-13
CVEList
CVE-2022-31593: SAP Business One client - version 102022-07-12
CVE-2022-31593 (HIGH CVSS 8.8) | SAP Business One client - version 1 | cvebase.io