SAP Web Dispatcher 7.86

CPE Details

SAP Web Dispatcher 7.86
sap
web_dispatcher
7.86
2022-02-10
21h07 +00:00
2022-04-08
16h23 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:sap:web_dispatcher:7.86:*:*:*:*:*:*:*

Informations

Vendor

sap

Product

web_dispatcher

Version

7.86

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-28772 2022-04-12 14h11 +00:00 By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service.
7.5
Haute
CVE-2022-28773 2022-04-12 14h11 +00:00 Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
7.5
Haute
CVE-2022-22536 2022-02-09 22h05 +00:00 SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
10
Critique