Rewterz Threat Alert – Phobos Ransomware – Active IOC
August 11, 2022Rewterz Threat Advisory – Multiple SAP BusinessObjects Business Intelligence Platform Vulnerabilities
August 11, 2022Rewterz Threat Alert – Phobos Ransomware – Active IOC
August 11, 2022Rewterz Threat Advisory – Multiple SAP BusinessObjects Business Intelligence Platform Vulnerabilities
August 11, 2022Severity
Medium
Analysis Summary
CVE-2022-35293
SAP Enable Now Manager could allow a remote attacker to bypass security restrictions, caused by an insecure session management flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to user’s account to view or modify user data.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-35293
Affected Vendors
SAP
Affected Products
SAP Enable Now Manager 1.0
Remediation
Current SAP customers should refer to SAP for patch information, available from the SAP Web site (login required).