CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-35293

Due to insecure session management, SAP Enable Now allows an unauthenticated attacker to gain access to user's account. On successful exploitation, an attacker can view or modify user data causing limited impact on confidentiality and integrity of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 45.2%

CVSS Severity

CVSS v3 Score 9.1

References

https://launchpad.support.sap.com/#/notes/3210566
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://launchpad.support.sap.com/#/notes/3210566
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2022-35293

Sap » Enable Now Manager » Version: 1.0

cpe:2.3:a:sap:enable_now_manager:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35293

Products

Pricing

Contact Us