Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve (non-personal) system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network to access information which would otherwise be restricted, leading to low impact on confidentiality and high impact on integrity of the application.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2022-09-13T19:24:35

Updated: 2024-08-03T07:39:50.380Z

Reserved: 2022-06-02T00:00:00

Link: CVE-2022-32244

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-09-13T20:15:09.693

Modified: 2024-11-21T07:06:00.190

Link: CVE-2022-32244

cve-icon Redhat

No data.