CVE-2022-22533

CVE-2022-22533

Vendor Sap Se
Product SAP NetWeaver Application Server Java
Weakness CWE-416
Published February 9, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.

Key dates

02Disclosure timeline

February 9, 2022 CVE published
August 3, 2024 Record updated