HTTP request smuggling in SAP NetWeaver



Published: 2022-02-10 | Updated: 2023-11-07
Risk: Critical
Patch available: Yes
Number of vulnerabilities: 1
CVE-ID: CVE-2022-22536
CWE-ID: CWE-444
Exploitation vector: Network
Public exploit: Vulnerability #1 is being exploited in the wild.
Vulnerable software
SAP NetWeaver AS ABAP (Server applications / Application servers)
SAP NetWeaver AS JAVA (Server applications / Application servers)
SAP Content Server (Web applications / CMS)
SAP Web Dispatcher WEBDISP (Server applications / Other server solutions)

Vendor: SAP

Security Bulletin

This security bulletin contains one critical risk vulnerability.

1) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU78958

Risk: Critical

CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-22536

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests. A remote attacker can prepend arbitrary data to a victim's request and thereby execute functions while impersonating the victim, or poison intermediary web caches.

Successful exploitation of the vulnerability can result in full system compromise.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

SAP NetWeaver AS ABAP: 753

SAP NetWeaver AS JAVA: 7.53

SAP Content Server: 7.53

SAP Web Dispatcher WEBDISP: 7.53

External links

http://launchpad.support.sap.com/#/notes/3123396
http://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.
