SAP Web Dispatcher 7.86

CPE Details

SAP Web Dispatcher 7.86
sap
web_dispatcher
7.86
2022-02-10
21h07 +00:00
2022-04-08
16h23 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:sap:web_dispatcher:7.86:*:*:*:*:*:*:*

Informations

Vendor

sap

Product

web_dispatcher

Version

7.86

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-28772 2022-04-12 14h11 +00:00 By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service.
7.5
High
CVE-2022-28773 2022-04-12 14h11 +00:00 Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
7.5
High
CVE-2022-22536 2022-02-09 22h05 +00:00 SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
10
Critical