Lucene search
K
SapWeb Dispatcher

11 matches found

CVE
CVE
added 2022/02/09 10:5 p.m.925 views

CVE-2022-22536

CVE-2022-22536 affects SAP NetWeaver components (ABAP/Java stacks), ABAP Platform, SAP Content Server 7.53, and SAP Web Dispatcher. The issue is HTTP request smuggling/concatenation caused by how the SAP ICM front end parses requests, enabling an unauthenticated attacker to prepend arbitrary data...

10CVSS9.2AI score0.97945EPSS
In wildWeb
CVE
CVE
added 2023/09/12 2:21 a.m.108 views

CVE-2023-40309

CVE-2023-40309 affects SAP CommonCryptoLib and is caused by insufficient authentication checks, enabling possible privilege escalation for an authenticated user and potential reading/modification/deletion of restricted data. The vulnerability is rated CRITICAL (CVSSv3.1: 9.8, AV:N/AC:L/PR:N/UI:N/...

9.8CVSS9.7AI score0.00748EPSS
CVE
CVE
added 2022/04/12 4:11 p.m.90 views

CVE-2022-28772

The CVE-2022-28772 entry concerns a buffer overflow in SAP Web Dispatcher and SAP Internet Communication Manager caused by overlong input values that can overwrite the internal program stack, leading to a denial of service. Affected products include SAP Web Dispatcher versions 7.53, 7.77, 7.81, 7...

7.5CVSS7.4AI score0.01387EPSS
CVE
CVE
added 2022/04/12 4:11 p.m.82 views

CVE-2022-28773

CVE-2022-28773 affects SAP Web Dispatcher and SAP Internet Communication Manager. The issue is caused by uncontrolled recursion, leading to denial of service with a crash that is restartable. Public details across connected documents confirm the component/file-level root cause and DoS impact; som...

7.5CVSS7.9AI score0.01399EPSS
CVE
CVE
added 2023/09/12 1:21 a.m.81 views

CVE-2023-40308

The CVE-2023-40308 issue affects SAP CommonCryptoLib and is caused by memory corruption triggered by an unauthenticated crafted request sent to an open port. The resulting crash makes the target component unavailable, with no impact on confidentiality or integrity reported. Evidence across multip...

7.5CVSS7.7AI score0.00622EPSS
CVE
CVE
added 2023/07/11 2:41 a.m.66 views

CVE-2023-35871

Technical details about CVE-2023-35871 are not publicly available in the provided connected documents. Monitor for updates.

9.4CVSS8AI score0.00504EPSS
CVE
CVE
added 2024/08/13 3:47 a.m.66 views

CVE-2024-33005

The CVE-2024-33005 issue affects SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server. Root cause: missing authorization checks in the local system allow admin users to impersonate other users and perform unintended actions. Impact: low confidentiality but ...

6.3CVSS6.3AI score0.00208EPSS
CVE
CVE
added 2021/09/14 11:15 a.m.65 views

CVE-2021-38162

The CVE-2021-38162 entry affects SAP Web Dispatcher and related kernel components (Web Dispatcher v7.49, 7.53, 7.77, 7.81; KRNL64NUC 7.22/7.22EXT/7.49; KRNL64UC 7.22/7.22EXT/7.49/7.53; KERNEL 7.22/7.49/7.53/7.77/7.81/7.83). An unauthenticated attacker can send crafted network requests to a front‑...

9.4CVSS8.6AI score0.02601EPSS
CVE
CVE
added 2021/07/14 11:4 a.m.54 views

CVE-2021-33683

CVE-2021-33683 affects SAP Web Dispatcher and Internet Communication Manager (ICM) components, including KRNL32NUC/64NUC, KRNL32UC/64UC, WEBDISP, and KERNEL across multiple 7.x versions up to 7.83. The vulnerability stems from incorrect handling of invalid HTTP headers, specifically Transfer-Enco...

5.4CVSS4.6AI score0.00546EPSS
CVE
CVE
added 2023/04/11 2:56 a.m.51 views

CVE-2023-29108

The CVE-2023-29108 issue affects ABAP Platform and SAP Web Dispatcher: IP filter vulnerability due to erroneous IP netmask handling. Affected: ABAP Platform 7.85–7.91 and SAP Web Dispatcher 7.85–7.89 (kernel 7.85/7.89/7.91). Impact: may allow access to backend applications from unwanted sources. ...

5.3CVSS5.1AI score0.00419EPSS
CVE
CVE
added 2023/07/11 2:24 a.m.46 views

CVE-2023-33987

The CVE-2023-33987 issue affects SAP Web Dispatcher and related components (WEBDISP, KERNEL, KRNL64NUC/UC, HDB, XS_ADVANCED_RUNTIME, SAP_EXTENDED_APP_SERVICES) where an unauthenticated, network-proximate attacker can submit crafted requests to a front-end server. Over multiple attempts, this can ...

9.4CVSS8.8AI score0.00578EPSS