Vulnerability Details : CVE-2022-27668
Depending on the configuration of the route permission table in the file 'saprouttab', an unauthenticated remote attacker can execute SAProuter administration commands in SAP NetWeaver and ABAP Platform (KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88; KRNL64NUC 7.49; KRNL64UC 7.49; SAP_ROUTER 7.53, 7.22), for example stopping the SAProuter, which can severely impact system availability. The vendor fix is delivered with SAP Note 3158375 (see References); until it is applied, the exposure is governed entirely by which routes the saprouttab permits.
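The SEC Consult advisory linked under References describes the exploitable condition as a saprouttab that lets an external client open a route to the SAProuter's own address and port, through which the administration commands (such as stop) are then accepted. The checker below is an added example written for this page, not SAP's code or the advisory's tooling: it parses a saprouttab, applies SAProuter's first-matching-entry rule, and reports whether a constructed external source would be permitted to route to the router itself. The two sample tables, the router address 10.0.0.5, the attacker address 203.0.113.10 and the treatment of a missing port field as a wildcard are assumptions made for the example.

```python
"""Check a SAProuter route permission table (saprouttab) for entries that let an
external client route to the SAProuter itself.  Added example for this page,
not SAP code.  Sample tables and addresses below are constructed."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

ROUTER_PORT = 3299                                # default SAProuter listen port
SELF_HOSTS = {"127.0.0.1", "localhost", "::1"}    # loopback names a route may target


@dataclass
class Entry:
    action: str   # 'P' permit, 'S' permit SAP protocol only, 'D' deny
    src: str      # source host pattern ('*' wildcard)
    dst: str      # destination host pattern
    port: str     # destination port: number, 'lo-hi' range or '*'
    lineno: int
    raw: str


def parse_saprouttab(text: str) -> List[Entry]:
    """Parse saprouttab lines: '<P|S|D> <src> <dst> [<port> [<password>]]'.
    '#' starts a comment.  KP/KS/KD (SNC variants) are folded into P/S/D.
    A missing port is treated as '*' (assumption; conservative for this check)."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 3:
            raise ValueError(f"line {lineno}: expected '<action> <src> <dst> [port]'")
        action = fields[0].upper()
        if len(action) == 2 and action[0] == "K":
            action = action[1:]
        if action not in ("P", "S", "D"):
            raise ValueError(f"line {lineno}: unknown action {fields[0]!r}")
        port = fields[3] if len(fields) > 3 else "*"
        entries.append(Entry(action, fields[1], fields[2], port, lineno, raw.rstrip()))
    return entries


def host_matches(pattern: str, host: str) -> bool:
    """saprouttab host patterns use only '*' as a wildcard."""
    regex = "^" + ".*".join(re.escape(p) for p in pattern.split("*")) + "$"
    return re.match(regex, host) is not None


def port_matches(pattern: str, port: int) -> bool:
    if pattern == "*":
        return True
    if "-" in pattern:
        lo, hi = pattern.split("-", 1)
        return int(lo) <= port <= int(hi)
    return int(pattern) == port


def first_match(entries: List[Entry], src: str, dst: str, port: int) -> Optional[Entry]:
    """SAProuter applies the first matching entry; no match means the route is denied."""
    for e in entries:
        if host_matches(e.src, src) and host_matches(e.dst, dst) and port_matches(e.port, port):
            return e
    return None


def self_route_exposure(entries: List[Entry], router_hosts: List[str],
                        attacker_src: str = "203.0.113.10",
                        router_port: int = ROUTER_PORT) -> List[Tuple[str, Entry]]:
    """Return (target, entry) pairs where the external source would be permitted
    to route to the SAProuter's own address on its listen port."""
    findings = []
    for target in sorted(SELF_HOSTS | set(router_hosts)):
        e = first_match(entries, attacker_src, target, router_port)
        if e is not None and e.action in ("P", "S"):
            findings.append((target, e))
    return findings


# Constructed sample tables (not taken from any real deployment).
WEAK_TAB = """\
# permit-all table: every source may route anywhere, including back to the router
P * * *
"""

HARDENED_TAB = """\
# deny routes to the router itself before any permit; first match wins
D * 127.0.0.1 *
D * localhost *
D * ::1 *
D * 10.0.0.5 *             # the router's own address (assumed for this example)
P * 10.0.0.20 3200-3299    # SAP application server ports only
"""

if __name__ == "__main__":
    for name, tab in (("weak", WEAK_TAB), ("hardened", HARDENED_TAB)):
        hits = self_route_exposure(parse_saprouttab(tab), router_hosts=["10.0.0.5"])
        print(f"{name}: {len(hits)} exposure(s)")
        for target, e in hits:
            print(f"  {target}:{ROUTER_PORT} reachable via line {e.lineno}: {e.raw}")
```

Run it against a real table by reading the file into `parse_saprouttab` and passing every address the SAProuter host answers on (not only the loopback names) as `router_hosts`; a deny entry only protects if it precedes the permit that would otherwise match, which is why the check walks the table in order rather than looking for the presence of a `D` line.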
Products affected by CVE-2022-27668
- cpe:2.3:a:sap:router:7.22:*:*:*:*:*:*:*
- cpe:2.3:a:sap:router:7.53:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap:kernel_7.49:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap:kernel_7.77:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap:kernel_7.81:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap:kernel_7.85:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap:kernel_7.86:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap:kernel_7.87:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap:kernel_7.88:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap_krnl64uc:7.49:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_as_abap_krnl64nuc:7.49:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-27668
- EPSS score: 0.49% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~76% (the proportion of all scored vulnerabilities with a score at or below this one)
CVSS scores for CVE-2022-27668
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P (CVSS 2.0) | 10.0 | 6.4 | NIST |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST |
CWE ids for CVE-2022-27668
- CWE-863 (Incorrect Authorization): The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
  Assigned by:
  - cna@sap.com (Primary)
  - nvd@nist.gov (Secondary)
References for CVE-2022-27668
- https://launchpad.support.sap.com/#/notes/3158375 (SAP ONE Support Launchpad, log-on required; Vendor Advisory)
- http://seclists.org/fulldisclosure/2022/Sep/17 (Full Disclosure: SEC Consult SA-20220914-0 :: Improper Access Control in SAP SAProuter; Exploit, Mailing List, Third Party Advisory)
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html (SAP Patch Day Blog; Vendor Advisory)
- http://packetstormsecurity.com/files/168406/SAP-SAProuter-Improper-Access-Control.html (SAP SAProuter Improper Access Control, Packet Storm; Exploit, Third Party Advisory)