Skip to main content

Host Agent CVE-2022-29614

MEDIUM
Improper Privilege Management (CWE-269)
2022-06-14 cna@sap.com
5.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 14, 2022 - 19:15 nvd
MEDIUM 5.0

DescriptionNVD

SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability.

AnalysisAI

SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability. Affected products include: Sap Host Agent, Sap Netweaver Abap.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.

CVE-2016-8610 HIGH
7.5 Nov 13

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL proto

CVE-2015-8960 HIGH POC
8.1 Sep 21

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values fo

CVE-2023-40309 CRITICAL
9.8 Sep 12

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization

CVE-2022-35295 MEDIUM POC
4.9 Sep 13

In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for th

CVE-2023-24523 HIGH
8.8 Feb 14

An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent (Start S

CVE-2017-15297 HIGH
7.5 Oct 16

SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. Rated high severity (CVSS 7.5), this v

CVE-2023-40308 HIGH
7.5 Sep 12

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a

CVE-2020-6186 HIGH
7.5 Feb 12

SAP Host Agent, version 7.21, allows an attacker to cause a slowdown in processing of username/password-based authentica

CVE-2023-27498 HIGH
7.2 Mar 14

SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated attacker with network access to a server port assign

CVE-2020-6234 HIGH
7.2 Apr 14

SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privi

CVE-2024-47595 HIGH
7.1 Nov 12

An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access.

CVE-2023-0012 MEDIUM
6.7 Jan 10

In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be abl

Share

CVE-2022-29614 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy