Due to insecure session management, SAP Enable Now allows an unauthenticated attacker to gain access to user's account. On successful exploitation, an attacker can view or modify user data causing limited impact on confidentiality and integrity of the application.

Related CVEs

CVE-2022-35293

Key Information

GHSA ID

GHSA-333h-f5pr-9xg9

Published

August 11, 2022 12:00 AM

Last Modified

August 16, 2022 12:00 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 25, 2025 8:46 PM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.