CVE-2022-32248 Vulnerability Details

  /     /     /  

CVE-2022-32248 Metadata Quick Info

CVE Published: 12/07/2022 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: sap | Vendor: SAP SE | Product: SAP S/4HANA
Status : PUBLISHED

---

CVE-2022-32248 Description

Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-20
CWE Name: CWE-20
Source: SAP SE

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).