CVE-2022-22540

Summary

SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787, allows an attacker to execute crafted database queries, that could expose the backend database. Successful attacks could result in disclosure of a table of contents from the system, but no risk of modification possible.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver AS ABAP (Workplace Server)700affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)701affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)702affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)731affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)740affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)750affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)751affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)752affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)753affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)754affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)755affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)756affected
SAP SESAP NetWeaver AS ABAP (Workplace Server)787affected

Weaknesses

  • CWE-89: CWE-89

ADP Enrichment

CVE Program Container

Additional References

References