SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform, and HANA Database Privilege Escalation Vulnerability

SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform, and HANA Database Privilege Escalation Vulnerability

CVE-2022-29614 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability.

Learn more about our Cis Benchmark Audit For Server Software.