CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-26105

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.0%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2022-26105

Sap » Netweaver Enterprise Portal » Version: 7.10

cpe:2.3:a:sap:netweaver_enterprise_portal:7.10
Sap » Netweaver Enterprise Portal » Version: 7.11

cpe:2.3:a:sap:netweaver_enterprise_portal:7.11
Sap » Netweaver Enterprise Portal » Version: 7.20

cpe:2.3:a:sap:netweaver_enterprise_portal:7.20
Sap » Netweaver Enterprise Portal » Version: 7.30

cpe:2.3:a:sap:netweaver_enterprise_portal:7.30
Sap » Netweaver Enterprise Portal » Version: 7.31

cpe:2.3:a:sap:netweaver_enterprise_portal:7.31
Sap » Netweaver Enterprise Portal » Version: 7.40

cpe:2.3:a:sap:netweaver_enterprise_portal:7.40
Sap » Netweaver Enterprise Portal » Version: 7.50

cpe:2.3:a:sap:netweaver_enterprise_portal:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-26105

Products

Pricing

Contact Us