CVE-2022-35168 is a vulnerability in SAP Business One
Published on July 12, 2022
Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative.
Weakness Type
What is a XXE Vulnerability?
The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
CVE-2022-35168 has been classified to as a XXE vulnerability or weakness.
Products Associated with CVE-2022-35168
Want to know whenever a new CVE is published for SAP Business One? stack.watch will email you.
Affected Versions
SAP SE SAP Business one Version 10.0 is affected by CVE-2022-35168Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.