CVE-2022-29612 (GCVE-0-2022-29612)
Vulnerability from cvelistv5 – Published: 2022-06-14 16:59 – Updated: 2024-08-03 06:26
VLAI?
Summary
SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver, ABAP Platform and SAP Host Agent |
Affected:
KERNEL 7.22
Affected: 7.49 Affected: 7.53 Affected: 7.77 Affected: 7.81 Affected: 7.85 Affected: 7.86 Affected: 7.87 Affected: 7.88 Affected: 8.04 Affected: KRNL64NUC 7.22 Affected: 7.22EXT Affected: KRNL64UC 7.22 Affected: SAPHOSTAGENT 7.22 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:06.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3194674"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver, ABAP Platform and SAP Host Agent",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "7.49"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.81"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.86"
},
{
"status": "affected",
"version": "7.87"
},
{
"status": "affected",
"version": "7.88"
},
{
"status": "affected",
"version": "8.04"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "KRNL64UC 7.22"
},
{
"status": "affected",
"version": "SAPHOSTAGENT 7.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-14T16:59:05",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3194674"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2022-29612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver, ABAP Platform and SAP Host Agent",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "KERNEL 7.22"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "7.77"
},
{
"version_affected": "=",
"version_value": "7.81"
},
{
"version_affected": "=",
"version_value": "7.85"
},
{
"version_affected": "=",
"version_value": "7.86"
},
{
"version_affected": "=",
"version_value": "7.87"
},
{
"version_affected": "=",
"version_value": "7.88"
},
{
"version_affected": "=",
"version_value": "8.04"
},
{
"version_affected": "=",
"version_value": "KRNL64NUC 7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "KRNL64UC 7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "8.04"
},
{
"version_affected": "=",
"version_value": "SAPHOSTAGENT 7.22"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"refsource": "MISC",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3194674",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3194674"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-29612",
"datePublished": "2022-06-14T16:59:05",
"dateReserved": "2022-04-25T00:00:00",
"dateUpdated": "2024-08-03T06:26:06.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:host_agent:7.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E135017-1492-49F5-B3ED-F69D5476FB46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"816DBDA9-E4F1-476B-95B3-19758627E3A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B7DDF4E-F304-45E2-956B-7E6AA9EC03EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E640D6CD-A1BA-46C5-B652-0A65F6FF17E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.77:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F567192-ED9A-47B9-A386-0A83AB64948E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.81:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AECEB43E-5E9C-4638-B7D8-29968AE1F4BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.85:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86C349D7-8F6C-42F4-9B8B-A7E0008FB3A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.86:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6606C14A-C9E6-4D4A-8E64-0699CBB15B93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.87:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F8C12AA-5635-4E29-A443-2A43A6BB0439\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_7.88:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD5FA276-9557-4E36-A37F-4B2A09703DA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:kernel_8.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7679B78A-CF53-42FA-8A96-319F13B40A8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE1BE43A-6659-4C08-8194-F85FA47D7D81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22ext:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4673CFDB-C17D-437B-8FE8-F0EA5BA97831\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E415C122-70DF-478E-8493-4CF9E9AD934C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22ext:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA5A9939-C663-4B52-97DB-64D80B40FB5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA9452E7-8B06-4B3B-870A-2A92103CD9CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F5C3E99-E68D-4CC2-8F9B-779406AE8B1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:netweaver_abap:krnl64uc_8.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DCEFFCC-4529-4A75-A146-C28A4CA80DC3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application.\"}, {\"lang\": \"es\", \"value\": \"SAP NetWeaver, ABAP Platform y SAP Host Agent - versiones KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49 53, 8.04, SAPHOSTAGENT 7.22, permite a un usuario autenticado hacer un uso no debido de una funci\\u00f3n de sapcontrol webfunctionality(startservice) en el Kernel que permite a usuarios maliciosos recuperar informaci\\u00f3n. Si es explotado con \\u00e9xito, un atacante puede obtener informaci\\u00f3n t\\u00e9cnica como el n\\u00famero de sistema o la direcci\\u00f3n f\\u00edsica, que de otro modo est\\u00e1 restringida, causando un impacto limitado en la confidencialidad de la aplicaci\\u00f3n\"}]",
"id": "CVE-2022-29612",
"lastModified": "2024-11-21T06:59:25.833",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2022-06-14T17:15:08.230",
"references": "[{\"url\": \"https://launchpad.support.sap.com/#/notes/3194674\", \"source\": \"cna@sap.com\", \"tags\": [\"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\", \"source\": \"cna@sap.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://launchpad.support.sap.com/#/notes/3194674\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cna@sap.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-918\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-29612\",\"sourceIdentifier\":\"cna@sap.com\",\"published\":\"2022-06-14T17:15:08.230\",\"lastModified\":\"2024-11-21T06:59:25.833\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application.\"},{\"lang\":\"es\",\"value\":\"SAP NetWeaver, ABAP Platform y SAP Host Agent - versiones KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49 53, 8.04, SAPHOSTAGENT 7.22, permite a un usuario autenticado hacer un uso no debido de una funci\u00f3n de sapcontrol webfunctionality(startservice) en el Kernel que permite a usuarios maliciosos recuperar informaci\u00f3n. Si es explotado con \u00e9xito, un atacante puede obtener informaci\u00f3n t\u00e9cnica como el n\u00famero de sistema o la direcci\u00f3n f\u00edsica, que de otro modo est\u00e1 restringida, causando un impacto limitado en la confidencialidad de la aplicaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@sap.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:host_agent:7.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E135017-1492-49F5-B3ED-F69D5476FB46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"816DBDA9-E4F1-476B-95B3-19758627E3A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B7DDF4E-F304-45E2-956B-7E6AA9EC03EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E640D6CD-A1BA-46C5-B652-0A65F6FF17E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.77:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F567192-ED9A-47B9-A386-0A83AB64948E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.81:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AECEB43E-5E9C-4638-B7D8-29968AE1F4BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86C349D7-8F6C-42F4-9B8B-A7E0008FB3A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.86:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6606C14A-C9E6-4D4A-8E64-0699CBB15B93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.87:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F8C12AA-5635-4E29-A443-2A43A6BB0439\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_7.88:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD5FA276-9557-4E36-A37F-4B2A09703DA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:kernel_8.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7679B78A-CF53-42FA-8A96-319F13B40A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE1BE43A-6659-4C08-8194-F85FA47D7D81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22ext:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4673CFDB-C17D-437B-8FE8-F0EA5BA97831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E415C122-70DF-478E-8493-4CF9E9AD934C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22ext:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA5A9939-C663-4B52-97DB-64D80B40FB5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA9452E7-8B06-4B3B-870A-2A92103CD9CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F5C3E99-E68D-4CC2-8F9B-779406AE8B1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_abap:krnl64uc_8.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DCEFFCC-4529-4A75-A146-C28A4CA80DC3\"}]}]}],\"references\":[{\"url\":\"https://launchpad.support.sap.com/#/notes/3194674\",\"source\":\"cna@sap.com\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\",\"source\":\"cna@sap.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://launchpad.support.sap.com/#/notes/3194674\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…