CVE-2022-31591

Published: Jul 12, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service

Vendor	Product	Versions
SAP SE	SAP BusinessObjects (BW Publisher Service)	affected `420` affected `430`

Weaknesses (CWE)

CWE-428

References

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/3167430

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-31591

Description

Affected Products

Weaknesses (CWE)

References