Home

CVE-2022-22540

Description

SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787, allows an attacker to execute crafted database queries, that could expose the backend database. Successful attacks could result in disclosure of a table of contents from the system, but no risk of modification possible.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.365

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 731Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 740Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAPWindows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 751Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 752Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 753Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 754Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 755Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 700Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAPWindows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 702Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 756Windows
Vulnerabilities CVE-2022-22540,CVE-2022-29611 are affected in SAP NetWeaver Application Server ABAP 787Windows
Vulnerabilities CVE-2022-22540 are affected in SAP NetWeaver and ABAP platform (ST-PI) 787Windows
Vulnerabilities CVE-2022-22540,CVE-2022-29611 are affected in SAP NetWeaver and ABAP platform (ST-PI) 787Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234