First published: Tue Apr 12 2022(Updated: )
An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges.
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP NetWeaver Application Server for Java | =7.50 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-27669.
The severity of CVE-2022-27669 is high.
An unauthenticated user can exploit CVE-2022-27669 by using functions of the XML Data Archiving Service of SAP NetWeaver Application Server for Java version 7.50, to which access should be restricted.
The impact of CVE-2022-27669 is an escalation of privileges.
Yes, patches and fixes are available for CVE-2022-27669. Please refer to the SAP support notes and documentation for more information.