CVE-2022-22542 is a vulnerability in SAP S4hana
Published on February 9, 2022
S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitly authorized to have access to that information, which could compromise Confidentiality.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2022-22542 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2022-22542
Want to know whenever a new CVE is published for SAP S4hana? stack.watch will email you.
Affected Versions
SAP SE SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer):- Version 104 is affected.
- Version 105 is affected.
- Version 106 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.