{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T16:22:58.613","vulnerabilities":[{"cve":{"id":"CVE-2022-41208","sourceIdentifier":"cna@sap.com","published":"2022-11-08T22:15:18.377","lastModified":"2024-11-21T07:22:49.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidentiality and integrity of the application.\n\n"},{"lang":"es","value":"Debido a una validación de entrada insuficiente, SAP Financial Consolidation, versión 1010, permite que un atacante autenticado con privilegios de usuario altere la sesión del usuario actual. Si la explotación tiene éxito, el atacante puede ver o modificar información, lo que provoca un impacto limitado en la confidencialidad y la integridad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:financial_consolidation:1010:*:*:*:*:*:*:*","matchCriteriaId":"96B94548-D8E3-4474-9FE2-BCBADFCDC2AC"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/3260708","source":"cna@sap.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/3260708","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}