CVE-2022-42892 A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01)
This vulnerability could be exploited in the following ways: An attacker could exploit this vulnerability to get a list of all files in the system accessible through the website. An attacker could use this directory listing to obtain critical information about the system such as usernames and passwords, information on roles and permissions, or to download software applications.
This vulnerability has been assigned the following CVSS score: 10.0.
DITORS CAVEATS: syngo has released a patch for this vulnerability.
The syngo team recommends users apply the patched version of the syngo Dynamics application server. syngo has released an updated version of syngo Dynamics application server.
Affected Software:
- syngo Dynamics application server
- syngo Dynamics for SAP Business Suite
CVSS Scores
The Computer Vulnerability Scoring System (CVSS) is a standardized way of expressing the severity of a computer system’s vulnerability. It is an open standard for computer security risk assessment.
Timeline
Published on: 11/17/2022 17:15:00 UTC
Last modified on: 11/21/2022 19:58:00 UTC