CVE-2022-41209EPSS p5.7%

CVE-2022-41209CVE-2022-41209

sap / customer_data_cloud

Description

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks.

Scoring

CVSS 5.2 ()
VectorCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS0.16% probability of exploitation · percentile 5.7% · 2026-06-19T12:03:05Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.