Web Dispatcher@7.53 Security Vulnerabilities and Issues — Web Dispatcher@7.53 CVE List

Lucene search

SapWeb Dispatcher7.53

9 matches found

CVE•added 2022/02/09 11:15 p.m.•842 views

CVE-2022-22536

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the a...

10CVSS9.7AI score0.9385EPSS

CVE•added 2023/09/12 3:15 a.m.•85 views

CVE-2023-40309

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality ...

9.8CVSS9.7AI score0.00162EPSS

CVE•added 2022/04/12 5:15 p.m.•75 views

CVE-2022-28772

By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, ...

7.5CVSS7.4AI score0.01139EPSS

CVE•added 2022/04/12 5:15 p.m.•70 views

CVE-2022-28773

Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.

7.5CVSS7.4AI score0.01139EPSS

CVE•added 2023/09/12 2:15 a.m.•56 views

CVE-2023-40308

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.

7.5CVSS7.7AI score0.00131EPSS

CVE•added 2023/07/11 3:15 a.m.•50 views

CVE-2023-35871

The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00,...

9.4CVSS8AI score0.00381EPSS

CVE•added 2021/09/14 12:15 p.m.•45 views

CVE-2021-38162

SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC -7.22, 7.22EXT, 7.49, 7.53, KERNEL - 7.22, 7.49, 7.53, 7.77, 7.81, 7.83 processes allow an unauthenticated attacker to submit a malicious crafted request over a network to a front-end server which may, o...

9.4CVSS9AI score0.00829EPSS

CVE•added 2021/07/14 12:15 p.m.•38 views

CVE-2021-33683

SAP Web Dispatcher and Internet Communication Manager (ICM), versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 7.81, 7.82, 7.83, K...

5.4CVSS4.6AI score0.00093EPSS

CVE•added 2023/07/11 3:15 a.m.•31 views

CVE-2023-33987

An unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7....

9.4CVSS8.8AI score0.00144EPSS