A note with CVSS 3.2 for component BC-DB-SYB was released by SAP on 14.06.2022. The correction/advisory 3155571 is described as "[CVE-2022-31594] Privilege escalation vulnerability in SAP Adaptive Server Enterprise (ASE)" and affects the system type SAP Adaptive Server Enterprise (ASE).
A workaround exists, according to the SAP Security Advisory team. It is nevertheless advisable to implement the correction itself as part of regular maintenance.
The vulnerability addressed is OS command injection within SAP Adaptive Server Enterprise (ASE).
Risk specification: This note has been re-released with updated 'Symptom' information: a highly privileged user can exploit a SUID-root program to escalate their privileges to root on the local Unix system.
With the correction applied, the SUID bit is no longer set on the program. Although an alternative solution exists, it is advisable to apply the correction. This is the workaround suggested by the SAP security experts: "Note that this workaround is a temporary fix and is not a permanent solution: If set it should be removed by executing: chmod 0755 /usr/sap/<SAPSID>/SYS/exe/run/sybctrl. The database can also be started using the SAP Host Agent using the StartDatabase command."
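The workaround above has two parts a practitioner wants to script: check whether the setuid bit is actually set on the sybctrl binary, and clear it with the note's chmod 0755 only in that case. The following POSIX sh script is an added example, not SAP's own tooling; the path mirrors the one quoted in the note, and `<SAPSID>` is a placeholder that has to be replaced with the real system id before use. The function names `suid_status` and `remove_suid_bit` are this example's own.

```shell
#!/bin/sh
# Added example (not from SAP Note 3155571): report the setuid state of a
# binary and apply the note's workaround (chmod 0755) only when the bit is set.
# DEFAULT_PATH is the path quoted in the note; <SAPSID> must be substituted.
DEFAULT_PATH='/usr/sap/<SAPSID>/SYS/exe/run/sybctrl'

# Print exactly one word: missing | set | clear.
# Uses the POSIX "test -u" primary, so it does not depend on GNU vs BSD stat.
suid_status() {
    if [ ! -e "$1" ]; then
        echo missing
    elif [ -u "$1" ]; then
        echo set
    else
        echo clear
    fi
}

# Apply the note's workaround: force mode 0755 when the setuid bit is present.
# Prints the resulting status word; returns 1 only if the file does not exist.
remove_suid_bit() {
    case "$(suid_status "$1")" in
        missing)
            echo missing
            return 1 ;;
        set)
            chmod 0755 "$1"
            suid_status "$1" ;;
        clear)
            echo clear ;;
    esac
}

# Stand-alone use: "script.sh [path] [--fix]". Without --fix it only reports,
# which is the safe default for an inventory run across several hosts.
target="${1:-$DEFAULT_PATH}"
if [ "${2:-}" = "--fix" ]; then
    remove_suid_bit "$target"
else
    echo "$target: $(suid_status "$target")"
fi
```

Run it without `--fix` first to collect the status of every ASE host; the `set` lines are the ones still exposed to the local privilege escalation and should be fixed by applying the note, with the chmod as a stopgap until then.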
- 9.9 [CVE-2021-37531] Code Injection vulnerability in SAP NetWeaver Knowledge Management (XMLForms)
- 9.1 Update 2 to Security Note 2808158: [CVE-2019-0330] OS Command Injection vulnerability in SAP Diagnostics Agent
- 9.1 [CVE-2020-26820] Privilege escalation in SAP NetWeaver Application Server for Java (UDDI Server)
- 8.4 [CVE-2021-44235] Code Injection vulnerability in utility class for SAP NetWeaver AS ABAP
- 5.6 [CVE-2022-31591] Privilege Escalation vulnerability in SAP BusinessObjects (BW Publisher Service)