CVE-2022-22536

Warning

EPSS 93.82%
Published 09.02.2022 23:15:18
Last modified 13.03.2025 16:36:39
Source cna@sap.com
Teams watchlist Login
Open Login

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.

Affected products Warnungen 1 Metrics 4 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

SAP ≫ Content Server Version7.53

SAP ≫ Netweaver Application Server Abap Version7.22

SAP ≫ Netweaver Application Server Abap Version7.49

SAP ≫ Netweaver Application Server Abap Version7.53

SAP ≫ Netweaver Application Server Abap Version7.77

SAP ≫ Netweaver Application Server Abap Version7.81

SAP ≫ Netweaver Application Server Abap Version7.85

SAP ≫ Netweaver Application Server Abap Version7.86

SAP ≫ Netweaver Application Server Abap Version7.87

SAP ≫ Netweaver Application Server Abap Version8.04

SAP ≫ Netweaver Application Server Abap Versionkrnl64nuc_7.22

SAP ≫ Netweaver Application Server Abap Versionkrnl64nuc_7.22ext

SAP ≫ Netweaver Application Server Abap Versionkrnl64nuc_7.49

SAP ≫ Netweaver Application Server Abap Versionkrnl64uc_7.22

SAP ≫ Netweaver Application Server Abap Versionkrnl64uc_7.22ext

SAP ≫ Netweaver Application Server Abap Versionkrnl64uc_7.49

SAP ≫ Netweaver Application Server Abap Versionkrnl64uc_7.53

SAP ≫ Netweaver Application Server Abap Versionkrnl64uc_8.04

SAP ≫ Web Dispatcher Version7.22ext

SAP ≫ Web Dispatcher Version7.49

SAP ≫ Web Dispatcher Version7.53

SAP ≫ Web Dispatcher Version7.77

SAP ≫ Web Dispatcher Version7.81

SAP ≫ Web Dispatcher Version7.85

SAP ≫ Web Dispatcher Version7.86

SAP ≫ Web Dispatcher Version7.87

18.08.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

SAP Multiple Products HTTP Request Smuggling Vulnerability

Vulnerability

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	93.82%	0.999

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	3.9	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Vendor Advisory

Not Applicable

https://launchpad.support.sap.com/#/notes/3123396

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2022-22536

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-22536

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-22536

EUVD