CVE-2022-22534
Description
Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
1.204
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-38183,CVE-2022-22534,CVE-2023-0021 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 700 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 701 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 702 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 731 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 740 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 750 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 751 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 752 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 753 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 754 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 755 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 756 | Windows |
| Vulnerabilities CVE-2021-38183,CVE-2022-22534,CVE-2023-0021,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 700 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 701 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 702 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 731 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 740 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-0021,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 750 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 751 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 752 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 753 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 754 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 755 | Windows |
| Vulnerabilities CVE-2022-22534,CVE-2023-32114,CVE-2025-42968 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 756 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234