{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SAP NetWeaver and ABAP Platform", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "KERNEL 7.22"}, {"status": "affected", "version": "8.04"}, {"status": "affected", "version": "7.49"}, {"status": "affected", "version": "7.53"}, {"status": "affected", "version": "7.77"}, {"status": "affected", "version": "7.81"}, {"status": "affected", "version": "7.85"}, {"status": "affected", "version": "7.86"}, {"status": "affected", "version": "7.87"}, {"status": "affected", "version": "KRNL64UC 8.04"}, {"status": "affected", "version": "7.22"}, {"status": "affected", "version": "7.22EXT"}, {"status": "affected", "version": "KRNL64NUC 7.22"}]}, {"defaultStatus": "unaffected", "product": "SAP Web Dispatcher", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "7.49"}, {"status": "affected", "version": "7.53"}, {"status": "affected", "version": "7.77"}, {"status": "affected", "version": "7.81"}, {"status": "affected", "version": "7.85"}, {"status": "affected", "version": "7.22EXT"}, {"status": "affected", "version": "7.86"}, {"status": "affected", "version": "7.87"}]}, {"defaultStatus": "unaffected", "product": "SAP Content Server", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "7.53"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.</p>"}], "value": "SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.\n\n"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-444", "description": "CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2023-09-26T03:11:25.429Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://launchpad.support.sap.com/#/notes/3123396"}, {"tags": ["x_refsource_MISC"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@sap.com", "ID": "CVE-2022-22536", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SAP NetWeaver and ABAP Platform", "version": {"version_data": [{"version_affected": "=", "version_value": "KERNEL 7.22"}, {"version_affected": "=", "version_value": "8.04"}, {"version_affected": "=", "version_value": "7.49"}, {"version_affected": "=", "version_value": "7.53"}, {"version_affected": "=", "version_value": "7.77"}, {"version_affected": "=", "version_value": "7.81"}, {"version_affected": "=", "version_value": "7.85"}, {"version_affected": "=", "version_value": "7.86"}, {"version_affected": "=", "version_value": "7.87"}, {"version_affected": "=", "version_value": "KRNL64UC 8.04"}, {"version_affected": "=", "version_value": "7.22"}, {"version_affected": "=", "version_value": "7.22EXT"}, {"version_affected": "=", "version_value": "7.49"}, {"version_affected": "=", "version_value": "7.53"}, {"version_affected": "=", "version_value": "KRNL64NUC 7.22"}, {"version_affected": "=", "version_value": "7.22EXT"}, {"version_affected": "=", "version_value": "7.49"}]}}, {"product_name": "SAP Web Dispatcher", "version": {"version_data": [{"version_affected": "=", "version_value": "7.49"}, {"version_affected": "=", "version_value": "7.53"}, {"version_affected": "=", "version_value": "7.77"}, {"version_affected": "=", "version_value": "7.81"}, {"version_affected": "=", "version_value": "7.85"}, {"version_affected": "=", "version_value": "7.22EXT"}, {"version_affected": "=", "version_value": "7.86"}, {"version_affected": "=", "version_value": "7.87"}]}}, {"product_name": "SAP Content Server", "version": {"version_data": [{"version_affected": "=", "version_value": "7.53"}]}}]}, "vendor_name": "SAP SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system."}]}, "impact": {"cvss": {"baseScore": "null", "vectorString": "null", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-444"}]}]}, "references": {"reference_data": [{"name": "https://launchpad.support.sap.com/#/notes/3123396", "refsource": "MISC", "url": "https://launchpad.support.sap.com/#/notes/3123396"}, {"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "refsource": "MISC", "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}]}}}}, "cveMetadata": {"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "assignerShortName": "sap", "cveId": "CVE-2022-22536", "datePublished": "2022-02-09T22:05:24", "dateReserved": "2022-01-04T00:00:00", "dateUpdated": "2023-09-26T03:11:25.429Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"cisaActionDue": "2022-09-08", "cisaExploitAdd": "2022-08-18", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "SAP Multiple Products HTTP Request Smuggling Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:*", "matchCriteriaId": "A02FB973-7FA0-4881-B912-27F4CFBDC673", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.22:*:*:*:*:*:*:*", "matchCriteriaId": "16B3C589-DF11-459D-8A3F-1A1FD2265022", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.49:*:*:*:*:*:*:*", "matchCriteriaId": "9FBC5614-7C3F-4AD8-8640-0499B8B03C64", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.53:*:*:*:*:*:*:*", "matchCriteriaId": "9E8CB869-C342-4362-9A4A-298F0B5F4003", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.77:*:*:*:*:*:*:*", "matchCriteriaId": "89E7439E-F4D6-45EA-99FC-C9B34D4D590E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.81:*:*:*:*:*:*:*", "matchCriteriaId": "252DCEF2-8DDF-467F-8869-B69A0A3426F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.85:*:*:*:*:*:*:*", "matchCriteriaId": "9BC578BE-2308-491E-9D56-6B45AFF0FCFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.86:*:*:*:*:*:*:*", "matchCriteriaId": "7C0E10A3-591A-4FA7-9B98-D54C3D6C63FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.87:*:*:*:*:*:*:*", "matchCriteriaId": "150B6370-F18A-4657-95ED-D969BF7C39CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:8.04:*:*:*:*:*:*:*", "matchCriteriaId": "12974FFA-3168-4A80-ACFB-D5E065A89383", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64nuc_7.22:*:*:*:*:*:*:*", "matchCriteriaId": "C2D5BECF-C4BA-44C7-9AD7-56865DD9AD60", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64nuc_7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "AB7E91DE-A52F-4E57-8397-7670E30C8B5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64nuc_7.49:*:*:*:*:*:*:*", "matchCriteriaId": "AB478A3C-4DD5-4F42-B2F1-9B7CCBA1B995", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22:*:*:*:*:*:*:*", "matchCriteriaId": "23257C18-B75C-471C-9EAF-1E86DEE845FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "A01290A1-3C1B-4AF7-9284-C164BDEC85A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.49:*:*:*:*:*:*:*", "matchCriteriaId": "6D5F8B53-ECAD-4CD2-8F91-25112569C056", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.53:*:*:*:*:*:*:*", "matchCriteriaId": "ADE160BD-659F-4517-B625-61CFB2FBD456", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_8.04:*:*:*:*:*:*:*", "matchCriteriaId": "88CD861F-08FB-4CE1-923C-79D1480A2259", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "D3F76E6A-2F27-450C-AAB5-E49A64079CAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.49:*:*:*:*:*:*:*", "matchCriteriaId": "0B4A7850-377C-4463-A5D7-07F516FBD74A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*", "matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*", "matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.81:*:*:*:*:*:*:*", "matchCriteriaId": "49FF2A5B-E5F0-4991-9AA3-7CB3B8C62941", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*", "matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.86:*:*:*:*:*:*:*", "matchCriteriaId": "327A87AD-6635-4511-8505-F4418CD9D49C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:web_dispatcher:7.87:*:*:*:*:*:*:*", "matchCriteriaId": "324C32FF-6F89-401F-9ADD-57A68320E06D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.\n\n"}, {"lang": "es", "value": "SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 y SAP Web Dispatcher son vulnerables para el contrabando de peticiones y la concatenaci\u00f3n de peticiones. Un atacante no autenticado puede a\u00f1adir datos arbitrarios a la petici\u00f3n de la v\u00edctima. De este modo, el atacante puede ejecutar funciones suplantando a la v\u00edctima o envenenar las cach\u00e9s web intermediarias. Un ataque con \u00e9xito podr\u00eda resultar en el compromiso completo de la Confidencialidad, Integridad y Disponibilidad del sistema"}], "id": "CVE-2022-22536", "lastModified": "2023-09-27T15:15:58.430", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-09T23:15:18.620", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/3123396"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-444"}], "source": "cna@sap.com", "type": "Primary"}]}

{}