Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2022-22531

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.

  • Published: Jan 14, 2022
  • Updated: Jul 11, 2023
  • CVE: CVE-2022-22531
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.1
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
sap / s/4hana 100 100.x
sap / s/4hana 101 101.x
sap / s/4hana 102 102.x
sap / s/4hana 103 103.x
sap / s/4hana 104 104.x
sap / s/4hana 105 105.x
sap / s/4hana 106 106.x