CVE-2022-22533
N/A
N/A
Summary
Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java | KRNL64NUC 7.22 | affected |
| SAP SE | SAP NetWeaver Application Server Java | 7.22EXT | affected |
| SAP SE | SAP NetWeaver Application Server Java | 7.49 | affected |
| SAP SE | SAP NetWeaver Application Server Java | KRNL64UC | affected |
| SAP SE | SAP NetWeaver Application Server Java | 7.22 | affected |
| SAP SE | SAP NetWeaver Application Server Java | 7.53 | affected |
| SAP SE | SAP NetWeaver Application Server Java | KERNEL 7.22 | affected |
Weaknesses
- CWE-416: CWE-416
ADP Enrichment
CVE Program Container
Additional References
- https://launchpad.support.sap.com/#/notes/3123427
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
References
- https://launchpad.support.sap.com/#/notes/3123427
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.