CVE-2022-41268 - Vulnerability Details - OpenCVE

In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Business Planning And Consolidation

Configuration 1 [-]

OR	cpe:2.3:a:sap:business_planning_and_consolidation:200:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:300:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:750:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:751:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:752:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:753:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:754:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:755:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:756:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:757:::::::*
	cpe:2.3:a:sap:business_planning_and_consolidation:810:::::::*

No data.

References

Link	Providers
https://launchpad.support.sap.com/#/notes/3271091
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2022-12-13T02:52:25.032Z

Updated: 2024-08-03T12:42:43.986Z

Reserved: 2022-09-21T16:20:14.949Z

Link: CVE-2022-41268

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-12-13T03:15:09.667

Modified: 2024-11-21T07:22:57.050

Link: CVE-2022-41268

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-41268", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "requesterUserId": "048f1e0a-8756-40de-bd1f-51292c7183c7", "dateReserved": "2022-09-21T16:20:14.949Z", "datePublished": "2022-12-13T02:52:25.032Z", "dateUpdated": "2024-08-03T12:42:43.986Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Business Planning and Consolidation", "vendor": "SAP", "versions": [{"lessThanOrEqual": "SAP_BW 757", "status": "affected", "version": "SAP_BW 750", "versionType": "custom"}, {"lessThanOrEqual": "DWCORE 300", "status": "affected", "version": "DWCORE 200", "versionType": "custom"}, {"status": "affected", "version": "CPMBPC 810"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data."}], "value": "In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810,\u00a0a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2022-12-13T02:52:25.032Z"}, "references": [{"url": "https://launchpad.support.sap.com/#/notes/3271091"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:42:43.986Z"}, "title": "CVE Program Container", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3271091", "tags": ["x_transferred"]}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:200:*:*:*:*:*:*:*", "matchCriteriaId": "545A7B0D-B9E5-42AB-A81C-AC3C55E7ACDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:300:*:*:*:*:*:*:*", "matchCriteriaId": "1CB8F139-1227-4D4B-BDCF-7386D5F39FF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:750:*:*:*:*:*:*:*", "matchCriteriaId": "2F248836-5A9D-4DA8-9AAC-F71AD511DAF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:751:*:*:*:*:*:*:*", "matchCriteriaId": "5E9AD392-554A-4707-99F2-E9449E2232D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:752:*:*:*:*:*:*:*", "matchCriteriaId": "60287C4F-7CA8-43B4-A054-5C63D5DA99BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:753:*:*:*:*:*:*:*", "matchCriteriaId": "B9A5ACFB-A152-445A-A5CD-33083DD726CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:754:*:*:*:*:*:*:*", "matchCriteriaId": "B936DDDB-7B28-4A73-9A05-3BF403A9D95E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:755:*:*:*:*:*:*:*", "matchCriteriaId": "80834B1A-9FA7-4334-8D0F-6A0E001738A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:756:*:*:*:*:*:*:*", "matchCriteriaId": "BB2B93D3-F047-4318-ACAE-C16E5D515006", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:757:*:*:*:*:*:*:*", "matchCriteriaId": "1F55B649-4E0E-4D7A-89ED-B6313BBCA387", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:business_planning_and_consolidation:810:*:*:*:*:*:*:*", "matchCriteriaId": "AA754B06-A263-4B03-B350-96F507E2235B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810,\u00a0a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data."}, {"lang": "es", "value": "En algunos roles est\u00e1ndar de SAP en SAP Business Planning and Consolidation - versiones - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, se utiliza un c\u00f3digo de transacci\u00f3n reservado para el cliente. Al implementar dicho c\u00f3digo de transacci\u00f3n, un usuario malintencionado puede ejecutar una funcionalidad de transacci\u00f3n no autorizada. En circunstancias espec\u00edficas, un ataque exitoso podr\u00eda permitir a un adversario aumentar sus privilegios para poder leer, cambiar o eliminar datos del sistema."}], "id": "CVE-2022-41268", "lastModified": "2024-11-21T07:22:57.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 6.0, "source": "cna@sap.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-13T03:15:09.667", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/3271091"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/3271091"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "cna@sap.com", "type": "Secondary"}]}