← back
CVE-2022-22540

CVE-2022-22540

EPSS 1.2%CWE-89
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Feb 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787, allows an attacker to execute crafted database queries, that could expose the backend database. Successful attacks could result in disclosure of a table of contents from the system, but no risk of modification possible.
Affected products
SAP SE · SAP NetWeaver AS ABAP (Workplace Server)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://launchpad.support.sap.com/#/notes/3140587https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html