Vulnerability Description
A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) - version 1.0.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Focused Run | 1.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/167563/SAP-FRUN-Simple-Diagnostics-Agent-1.Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2022/Jun/41Mailing ListThird Party Advisory
- https://launchpad.support.sap.com/#/notes/3159091Permissions RequiredVendor Advisory
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
- http://packetstormsecurity.com/files/167563/SAP-FRUN-Simple-Diagnostics-Agent-1.Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2022/Jun/41Mailing ListThird Party Advisory
- https://launchpad.support.sap.com/#/notes/3159091Permissions RequiredVendor Advisory
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
FAQ
What is CVE-2022-27657?
CVE-2022-27657 is a vulnerability with a CVSS score of 2.7 (LOW). A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Dia...
How severe is CVE-2022-27657?
CVE-2022-27657 has been rated LOW with a CVSS base score of 2.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-27657?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Focused Run.