CVE-2022-28772

🗓️ 12 Apr 2022 16:11:32Reported by sapType

CVE-2022-28772: Overlong input can overwrite SAP Web Dispatcher or Internet Communication Manager stack, causing denial of service

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2022-28772	12 Apr 202217:15	–	attackerkb
Circl	CVE-2022-28772	12 Apr 202220:17	–	circl
CNNVD	SAP Web Dispatcher 缓冲区错误漏洞	12 Apr 202200:00	–	cnnvd
CNVD	SAP Web Dispatcher和Internet Communication Manager缓冲区溢出漏洞	15 Apr 202200:00	–	cnvd
Cvelist	CVE-2022-28772	12 Apr 202216:11	–	cvelist
EUVD	EUVD-2022-33211	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	14 Apr 202200:00	–	ncsc
NVD	CVE-2022-28772	12 Apr 202217:15	–	nvd
OSV	CVE-2022-28772	12 Apr 202217:15	–	osv
Prion	Input validation	12 Apr 202217:15	–	prion

NVD

Vulners

Node

sap netweaverMatch7.22ext

sap netweaverMatch7.49

sap netweaverMatch7.53

sap netweaverMatch7.77

sap netweaverMatch7.81

sap netweaverMatch7.85

sap netweaverMatch7.86

sap netweaverMatchkernel_7.22

sap netweaverMatchkrnl64nuc_7.22

sap netweaverMatchkrnl64uc_7.22

sap web_dispatcherMatch7.53

sap web_dispatcherMatch7.77

sap web_dispatcherMatch7.81

sap web_dispatcherMatch7.85

sap web_dispatcherMatch7.86

[
  {
    "product": "SAP NetWeaver (Internet Communication Manager)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "KRNL64NUC 7.22"
      },
      {
        "status": "affected",
        "version": "7.22EXT"
      },
      {
        "status": "affected",
        "version": "7.49"
      },
      {
        "status": "affected",
        "version": "KRNL64UC 7.22"
      },
      {
        "status": "affected",
        "version": "7.53"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.22"
      },
      {
        "status": "affected",
        "version": "7.77"
      },
      {
        "status": "affected",
        "version": "7.81"
      },
      {
        "status": "affected",
        "version": "7.85"
      },
      {
        "status": "affected",
        "version": "7.86"
      }
    ]
  },
  {
    "product": "SAP Web Dispatcher",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "7.53"
      },
      {
        "status": "affected",
        "version": "7.77"
      },
      {
        "status": "affected",
        "version": "7.81"
      },
      {
        "status": "affected",
        "version": "7.85"
      },
      {
        "status": "affected",
        "version": "7.86"
      }
    ]
  }
]

Source	Link
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
launchpad	www.launchpad.support.sap.com/

21 Nov 2024 06:57Current

7.4High risk

Vulners AI Score7.4

CVSS 25

CVSS 3.17.5

EPSS0.01139