History: Feb 09, 2022 - 10:05 p.m.

CVE-2022-22532

2022-02-09 22:05:19
CWE-444
sap
www.cve.org
2

AI Score: 9.8 High (Confidence: High)

EPSS: 0.003 Low (Percentile: 66.3%)

In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the malicious payload to be executed and thereby run functions that impersonate the victim or even steal the victim's logon session.

CNA Affected

[
  {
    "product": "SAP NetWeaver Application Server Java",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "KRNL64NUC 7.22"
      },
      {
        "status": "affected",
        "version": "7.22EXT"
      },
      {
        "status": "affected",
        "version": "7.49"
      },
      {
        "status": "affected",
        "version": "KRNL64UC"
      },
      {
        "status": "affected",
        "version": "7.22"
      },
      {
        "status": "affected",
        "version": "7.53"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.22"
      }
    ]
  }
]
