Vulnerabilities > CVE-2022-29617 - Improper Handling of Exceptional Conditions vulnerability in SAP Contributor License Agreement Assistant

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

sap

CWE-755

NVD

Published: 2022-06-06

Updated: 2022-10-05

Summary

Due to improper error handling an authenticated user can crash CLA assistant instance. This could impact the availability of the application.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Contributor License Agreement Assistant - SAP Contributor License Agreement Assistant 1.4.0 SAP Contributor License Agreement Assistant 1.4.1 SAP Contributor License Agreement Assistant 1.5.0 SAP Contributor License Agreement Assistant 1.6.0 SAP Contributor License Agreement Assistant 1.7.0 SAP Contributor License Agreement Assistant 1.7.1 SAP Contributor License Agreement Assistant 1.8.0 SAP Contributor License Agreement Assistant 1.8.1 SAP Contributor License Agreement Assistant 1.8.2 SAP Contributor License Agreement Assistant 1.8.3 SAP Contributor License Agreement Assistant 1.8.4 SAP Contributor License Agreement Assistant 1.9.0 SAP Contributor License Agreement Assistant 1.9.1 SAP Contributor License Agreement Assistant 1.9.2 SAP Contributor License Agreement Assistant 1.10.0 SAP Contributor License Agreement Assistant 1.10.1 SAP Contributor License Agreement Assistant 2.0.0 SAP Contributor License Agreement Assistant 2.0.1 SAP Contributor License Agreement Assistant 2.0.2 SAP Contributor License Agreement Assistant 2.0.3 SAP Contributor License Agreement Assistant 2.1.0 SAP Contributor License Agreement Assistant 2.1.1 SAP Contributor License Agreement Assistant 2.2.0 SAP Contributor License Agreement Assistant 2.2.1 SAP Contributor License Agreement Assistant 2.3.0 SAP Contributor License Agreement Assistant 2.3.1 SAP Contributor License Agreement Assistant 2.3.2 SAP Contributor License Agreement Assistant 2.4.0 SAP Contributor License Agreement Assistant 2.4.1 SAP Contributor License Agreement Assistant 2.4.2 SAP Contributor License Agreement Assistant 2.4.3 SAP Contributor License Agreement Assistant 2.4.4 SAP Contributor License Agreement Assistant 2.4.5 SAP Contributor License Agreement Assistant 2.4.6 SAP Contributor License Agreement Assistant 2.5.0 SAP Contributor License Agreement Assistant 2.5.1 SAP Contributor License Agreement Assistant 2.5.2 SAP Contributor License Agreement Assistant 2.6.0 SAP Contributor License Agreement Assistant 2.6.1 SAP Contributor License Agreement Assistant 2.6.2 SAP Contributor License Agreement Assistant 2.7.0 SAP Contributor License Agreement Assistant 2.8.0 SAP Contributor License Agreement Assistant 2.8.1 SAP Contributor License Agreement Assistant 2.8.2 SAP Contributor License Agreement Assistant 2.8.3 SAP Contributor License Agreement Assistant 2.8.4 SAP Contributor License Agreement Assistant 2.8.5 SAP Contributor License Agreement Assistant 2.8.6 SAP Contributor License Agreement Assistant 2.9.0 SAP Contributor License Agreement Assistant 2.9.1 SAP Contributor License Agreement Assistant 2.9.2 SAP Contributor License Agreement Assistant 2.9.3 SAP Contributor License Agreement Assistant 2.10.0 SAP Contributor License Agreement Assistant 2.11.0 SAP Contributor License Agreement Assistant 2.12.0	56

Common Weakness Enumeration (CWE)

CWE-755 - Improper Handling of Exceptional Conditions

References

https://github.com/cla-assistant/cla-assistant/security/advisories/GHSA-jjjv-grgr-v8h3