CVE-2022-31594Improper Privilege Management in SE SAP Adaptive Server Enterprise

CWE-269Improper Privilege Management3 documents3 sources
Severity
6.7MEDIUMNVD
EPSS
0.0%
top 89.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Adaptive Server EnterpriseSAP Adaptive Server Enterprise
Timeline
PublishedJun 14
Latest updateJun 15

Description

A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDsap/adaptive11 versions+10

🔴Vulnerability Details

2
GHSA
GHSA-m5x9-8x67-p4jm: A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system2022-06-15
CVEList
CVE-2022-31594: A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system2022-06-14
CVE-2022-31594 — Improper Privilege Management | cvebase