Unrated severityNVD Advisory· Published Feb 9, 2022· Updated Aug 3, 2024

CVE-2022-22542

Description

S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitly authorized to have access to that information, which could compromise Confidentiality.

Affected products

SAP/S/4HANA Supplier Factsheetllm-create
Flexense/Vx Search Enterprisellm-fuzzy
SAP SE/SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)v5
Range: 104

Patches

Vulnerability mechanics

References

launchpad.support.sap.commitrex_refsource_MISC
www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000