Unrated severityNVD Advisory· Published Sep 13, 2022· Updated Jun 10, 2025
CVE-2022-39801
CVE-2022-39801
Description
SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and completely compromise the application.
Affected products
2- SAP SE/SAP GRC Access Control Emergency Access Managementv5Range: V1100_700
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.