November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – Multiple Microsoft Vulnerabilities – Patch Tuesday
February 9, 2022Rewterz Threat Advisory – APT SideWinder Group – Active IOCs
February 9, 2022Rewterz Threat Advisory – Multiple Microsoft Vulnerabilities – Patch Tuesday
February 9, 2022Rewterz Threat Advisory – APT SideWinder Group – Active IOCs
February 9, 2022
Severity
High
Analysis Summary
CVE-2022-22546
SAP Business Objects Web Intelligence is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-22544
SAP Solution Manager could allow a remote authenticated attacker to gain elevated privileges on the system, caused by missing segregation of duties. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-22543
SAP NetWeaver Application Server for ABAP and ABAP Platform are vulnerable to a denial of service, caused by an specified flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2022-22542
SAP S/4HANA could allow a remote authenticated attacker to obtain sensitive information, caused by an unspecified flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2022-22540
SAP NetWeaver AS ABAP is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2022-22538
SAP 3D Visual Enterprise Viewer is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2022-22537
SAP 3D Visual Enterprise Viewer is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2022-22535
SAP ERP HCM could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2022-22534
SAP NetWeaver is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-22532
SAP NetWeaver Application Server Java is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVE-2022-22536
SAP NetWeaver, SAP Content Server and SAP Web Dispatcher are vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
Impact
- Cross-Site Scripting
- Privilege Escalation
- Denial of Service
- Information Disclosure
- Unauthorized Access
Indicators of Compromise
CVE
- CVE-2022-22546
- CVE-2022-22544
- CVE-2022-22543
- CVE-2022-22542
- CVE-2022-22540
- CVE-2022-22538
- CVE-2022-22537
- CVE-2022-22535
- CVE-2022-22534
- CVE-2022-22532
- CVE-2022-22536
Affected Vendors
SAP
Affected Products
- SAP Business Objects Web Intelligence 420
- SAP Solution Manager 7.20
- SAP NetWeaver AS ABAP Platform KRNL64NUC 7.22
- SAP NetWeaver AS ABAP Platform KRNL64NUC 7.22EXT
- SAP NetWeaver AS ABAP Platform KRNL64NUC 7.49
- SAP NetWeaver AS ABAP Platform KRNL64UC 7.22
- SAP S/4HANA 104
- SAP S/4HANA 105
- SAP S/4HANA 106
- SAP NetWeaver AS ABAP 700
- SAP NetWeaver AS ABAP 701
- SAP NetWeaver AS ABAP 702
- SAP NetWeaver AS ABAP 731
- SAP 3D Visual Enterprise Viewer 9.0
- SAP ERP HCM 600
- SAP ERP HCM 604
- SAP ERP HCM 608
- SAP NetWeaver Application Server Java KRNL64NUC 7.22
- SAP NetWeaver Application Server Java KRNL64NUC 7.22EXT
- SAP NetWeaver Application Server Java KRNL64NUC 7.49
- SAP NetWeaver Application Server Java KRNL64UC 7.22
- SAP Web Dispatcher WEBDISP 7.53
- SAP Web Dispatcher WEBDISP 7.73
- SAP Web Dispatcher WEBDISP 7.77
- SAP Web Dispatcher WEBDISP 7.81
Remediation
Current SAP customers should refer to SAP Advisory for patch information, available from the SAP Web site (login required).
CVE-2022-22546