CVE-2022-31591

Summary

SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects (BW Publisher Service)420affected
SAP SESAP BusinessObjects (BW Publisher Service)430affected

Weaknesses

  • CWE-428: CWE-428

ADP Enrichment

CVE Program Container

Additional References

References