CVE-2022-35168: XEE
First published: Tue Jul 12 2022(Updated: )
Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sap Business One | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this SAP Business One vulnerability?
The vulnerability ID of this SAP Business One vulnerability is CVE-2022-35168.
What is the severity of CVE-2022-35168?
The severity of CVE-2022-35168 is high with a CVSS score of 7.5.
How does CVE-2022-35168 affect SAP Business One?
CVE-2022-35168 affects SAP Business One version 10.0.
What is the impact of CVE-2022-35168?
CVE-2022-35168 allows an attacker to perform a denial-of-service attack, rendering the system temporarily inoperative.
Where can I find more information about CVE-2022-35168?
You can find more information about CVE-2022-35168 at the following references: [1](https://launchpad.support.sap.com/#/notes/3211203), [2](https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html).
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/tags
- agent/event
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap business one
- version/sap business one/10.0