CVE-2022-22545

Summary

A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform700affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform701affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform702affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform710affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform711affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform730affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform731affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform740affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform750affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform751affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform752affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform753affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform754affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform755affected
SAP SESAP NetWeaver Application Server ABAP and ABAP Platform756affected

Weaknesses

  • CWE-200: CWE-200

ADP Enrichment

CVE Program Container

Additional References

References