CVE-2022-41261

CVSS V2 None CVSS V3 None
Description
SAP Solution Manager (Diagnostic Agent) - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attacker access files and systems for which he/she is not authorized.
Overview
  • CVE ID
  • CVE-2022-41261
  • Assigner
  • cna@sap.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-12T22:15:10
  • Last Modified Date
  • 2022-12-15T16:25:50
Weakness Enumerations
CWE URL
CWE-284 http://cwe.mitre.org/data/definitions/284.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:sap:solution_manager:7.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://launchpad.support.sap.com/#/notes/3265173
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-41261
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41261
History
Created Old Value New Value Data Type Notes
2022-12-12 23:14:29 Added to TrackCVE
2022-12-13 02:15:11 2022-12-12T22:15:10.250 2022-12-12T22:15:10 CVE Published Date updated
2022-12-13 02:15:11 2022-12-13T01:45:52 CVE Modified Date updated
2022-12-13 02:15:11 Received Awaiting Analysis Vulnerability Status updated
2022-12-13 15:15:08 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-15 17:14:40 2022-12-15T16:25:50 CVE Modified Date updated
2022-12-15 17:14:40 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-15 17:14:41 CPE Information updated