CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-31590

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://launchpad.support.sap.com/#/notes/3197005
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://launchpad.support.sap.com/#/notes/3197005
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2022-31590

Sap » Powerdesigner Proxy » Version: 16.7

cpe:2.3:a:sap:powerdesigner_proxy:16.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31590

Products

Pricing

Contact Us