cvedb.io
CVE-2022-24396
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2022-03-10T17:46:09.270 · Last modified 2026-06-17T04:31:45.817

Summary

The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. Due to lack of authentication checks, an attacker could access administrative or other privileged functionalities and read, modify, or delete sensitive information and configurations.

Affected products

sap — simple_diagnostics_agent

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.