logo_SVG-01
✕
  • Platform
    • Rewterz XDR
    • Rewterz Defense
    • Rewterz Threat Intelligence
    • Managed Security Services
    • Managed Penetration Testing
  • Services
    • Assess
      • Compromise Assessment
      • Advanced Persistent Threats Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      • SOC Maturity Assessment
      • SOC Model Evaluation
      • SOC Gap Analysis
      • SIEM Gap Analysis
      • SIEM Optimization
      • SOC Content Pack
    • Train
      • Simulated Cyber Attack Exercise
      • Tabletop Exercise
      • Security Awareness and Training
    • Respond
      • Incident Analysis
      • Incident Response
  • Solutions
  • Resources
    • Blogs
    • Press Releases
    • Threat Insights
      • Threat Intelligence Reports
      • Threat Advisories
      • Monthly Threat Insights
  • Why Rewterz?
    • About Us
    • Careers
    • Contact
logo_SVG-01
  • Platform
    xdrLogo
    center_new
    Read More about XDR

    Platform

    • Rewterz XDR
    • Rewterz Defense
    • Rewterz Threat Intelligence
    Rewterz Threat Advisory – Multiple SAP Vulnerabilties

    Managed Security Services

    • Managed Security Monitoring
    • Remote SOC
    • Onsite SOC
    • Hybrid SOC

    Managed Penetration Testing

    Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.

  • Services

    Assess

    • Compromise Assessment
    • APT Assessment
    • Penetration Testing
    • Architecture Design & Review
    • Red Team Assessment
    • Purple Team Assessment
    • Social Engineering
    • Source Code Review

    Transform

    • SOC Consultancy
    • SOC Maturity Assessment
    • SOC Model Evaluation
    • SOC Gap Analysis
    • SIEM Gap Analysis
    • SIEM Optimization
    • SOC Content Pack

    Train

    • Simulated Cyber Attack Exercise
    • Tabletop Exercise
    • Security Awareness and Training

    Respond

    • Incident Analysis
    • Incident Response
  • Solutions
  • Resources

    Resources

    • Blog
    • Press Releases
    August 25, 2023
    Rewterz
    August 25, 2023
    Rewterz Threat Alert – Young Hackers from Lapsus$ Gang Convicted in High-Profile Cyberattack Cases
    Severity High Analysis Summary In a notable case, an 18-year-old member of the Lapsus$ data extortion group, Arion Kurtaj, has been convicted by a London jury […]
    August 25, 2023
    Rewterz
    August 25, 2023
    Rewterz Threat Alert – Lazarus Group Deploys Stealthy QuiteRAT Malware via Zoho ManageEngine Flaw – Active IOCs
    Severity High Analysis Summary The North Korea-linked threat actor known as Lazarus Group has recently been observed exploiting a critical security vulnerability in Zoho ManageEngine ServiceDesk […]
    August 25, 2023
    Rewterz
    August 25, 2023
    Rewterz Threat Alert – Sodinokibi Ransomware aka Sodin – Active IOCs
    Severity High Analysis Summary REvil/Sodinokibi, also known as Sodin, is a sophisticated ransomware discovered in April 2019. This elusive malware encrypts files and cleverly erases its […]

    Threat Insights

    16
    pdf-file (1)
    Annual Threat Intelligence Report 2022
    • Threat Advisories
    • Monthly Threat Insights
    • Threat Intelligence Reports
  • Why Rewterz?

    About Us

    Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.

    Read More

    play_btn_Smallplay_btn_hover_Small
    leadership

    Our Leadership

    Our leadership team brings together years of knowledge and experience in cybersecurity to drive our company's mission and vision. Our team is passionate about delivering high-quality products and services, leading by example and assisting our clients in securing their organization’s environment.
    help

    CSR

    At Rewterz, we believe that businesses have a responsibility to impact positively and contribute to the well-being of our communities as well as the planet. That's why we are committed to operating in a socially responsible and sustainable way.

    Connect with Us

    • Contact
    • Careers
Get in Touch
logo_SVG-01
  • Platform
    xdrLogo
    center_new
    Read More about XDR

    Platform

    • Rewterz XDR
    • Rewterz Defense
    • Rewterz Threat Intelligence
    Rewterz Threat Advisory – Multiple SAP Vulnerabilties

    Managed Security Services

    • Managed Security Monitoring
    • Remote SOC
    • Onsite SOC
    • Hybrid SOC

    Managed Penetration Testing

    Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.

  • Services

    Assess

    • Compromise Assessment
    • APT Assessment
    • Penetration Testing
    • Architecture Design & Review
    • Red Team Assessment
    • Purple Team Assessment
    • Social Engineering
    • Source Code Review

    Transform

    • SOC Consultancy
    • SOC Maturity Assessment
    • SOC Model Evaluation
    • SOC Gap Analysis
    • SIEM Gap Analysis
    • SIEM Optimization
    • SOC Content Pack

    Train

    • Simulated Cyber Attack Exercise
    • Tabletop Exercise
    • Security Awareness and Training

    Respond

    • Incident Analysis
    • Incident Response
  • Solutions
  • Resources

    Resources

    • Blog
    • Press Releases
    August 25, 2023
    Rewterz
    August 25, 2023
    Rewterz Threat Alert – Young Hackers from Lapsus$ Gang Convicted in High-Profile Cyberattack Cases
    Severity High Analysis Summary In a notable case, an 18-year-old member of the Lapsus$ data extortion group, Arion Kurtaj, has been convicted by a London jury […]
    August 25, 2023
    Rewterz
    August 25, 2023
    Rewterz Threat Alert – Lazarus Group Deploys Stealthy QuiteRAT Malware via Zoho ManageEngine Flaw – Active IOCs
    Severity High Analysis Summary The North Korea-linked threat actor known as Lazarus Group has recently been observed exploiting a critical security vulnerability in Zoho ManageEngine ServiceDesk […]
    August 25, 2023
    Rewterz
    August 25, 2023
    Rewterz Threat Alert – Sodinokibi Ransomware aka Sodin – Active IOCs
    Severity High Analysis Summary REvil/Sodinokibi, also known as Sodin, is a sophisticated ransomware discovered in April 2019. This elusive malware encrypts files and cleverly erases its […]

    Threat Insights

    16
    pdf-file (1)
    Annual Threat Intelligence Report 2022
    • Threat Advisories
    • Monthly Threat Insights
    • Threat Intelligence Reports
  • Why Rewterz?

    About Us

    Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.

    Read More

    play_btn_Smallplay_btn_hover_Small
    leadership

    Our Leadership

    Our leadership team brings together years of knowledge and experience in cybersecurity to drive our company's mission and vision. Our team is passionate about delivering high-quality products and services, leading by example and assisting our clients in securing their organization’s environment.
    help

    CSR

    At Rewterz, we believe that businesses have a responsibility to impact positively and contribute to the well-being of our communities as well as the planet. That's why we are committed to operating in a socially responsible and sustainable way.

    Connect with Us

    • Contact
    • Careers
Get in Touch
Rewterz
Rewterz Threat Advisory – Multiple Microsoft Vulnerabilities – Patch Tuesday
February 9, 2022
Rewterz
Rewterz Threat Advisory – APT SideWinder Group – Active IOCs
February 9, 2022

Rewterz Threat Advisory – Multiple SAP Vulnerabilties

February 9, 2022

Severity

High

Analysis Summary

CVE-2022-22546 

SAP Business Objects Web Intelligence is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-22544

SAP Solution Manager could allow a remote authenticated attacker to gain elevated privileges on the system, caused by missing segregation of duties. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-22543 

SAP NetWeaver Application Server for ABAP and ABAP Platform are vulnerable to a denial of service, caused by an specified flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2022-22542 

SAP S/4HANA could allow a remote authenticated attacker to obtain sensitive information, caused by an unspecified flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2022-22540 

SAP NetWeaver AS ABAP is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2022-22538 

SAP 3D Visual Enterprise Viewer is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2022-22537 

SAP 3D Visual Enterprise Viewer is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2022-22535 

SAP ERP HCM could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2022-22534 

SAP NetWeaver is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-22532 

SAP NetWeaver Application Server Java is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.

CVE-2022-22536 

SAP NetWeaver, SAP Content Server and SAP Web Dispatcher are vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.

Impact

  • Cross-Site Scripting
  • Privilege Escalation
  • Denial of Service
  • Information Disclosure
  • Unauthorized Access

Indicators of Compromise

CVE

  • CVE-2022-22546
  • CVE-2022-22544
  • CVE-2022-22543
  • CVE-2022-22542
  • CVE-2022-22540
  • CVE-2022-22538
  • CVE-2022-22537
  • CVE-2022-22535
  • CVE-2022-22534
  • CVE-2022-22532
  • CVE-2022-22536

Affected Vendors

SAP

Affected Products

  • SAP Business Objects Web Intelligence 420
  • SAP Solution Manager 7.20
  • SAP NetWeaver AS ABAP Platform KRNL64NUC 7.22
  • SAP NetWeaver AS ABAP Platform KRNL64NUC 7.22EXT
  • SAP NetWeaver AS ABAP Platform KRNL64NUC 7.49
  • SAP NetWeaver AS ABAP Platform KRNL64UC 7.22
  • SAP S/4HANA 104
  • SAP S/4HANA 105
  • SAP S/4HANA 106
  • SAP NetWeaver AS ABAP 700
  • SAP NetWeaver AS ABAP 701
  • SAP NetWeaver AS ABAP 702
  • SAP NetWeaver AS ABAP 731
  • SAP 3D Visual Enterprise Viewer 9.0
  • SAP ERP HCM 600
  • SAP ERP HCM 604
  • SAP ERP HCM 608
  • SAP NetWeaver Application Server Java KRNL64NUC 7.22
  • SAP NetWeaver Application Server Java KRNL64NUC 7.22EXT
  • SAP NetWeaver Application Server Java KRNL64NUC 7.49
  • SAP NetWeaver Application Server Java KRNL64UC 7.22
  • SAP Web Dispatcher WEBDISP 7.53
  • SAP Web Dispatcher WEBDISP 7.73
  • SAP Web Dispatcher WEBDISP 7.77
  • SAP Web Dispatcher WEBDISP 7.81

Remediation

Current SAP customers should refer to SAP Advisory for patch information, available from the SAP Web site (login required).

CVE-2022-22546

https://launchpad.support.sap.com/CVE-2022-22544
https://launchpad.support.sap.com/CVE-2022-22543
https://launchpad.support.sap.com/CVE-2022-22542
https://launchpad.support.sap.com/CVE-2022-22540
https://launchpad.support.sap.com/CVE-2022-22538
https://launchpad.support.sap.com/CVE-2022-22537
https://launchpad.support.sap.com/CVE-2022-22535
https://launchpad.support.sap.com/CVE-2022-22534
https://launchpad.support.sap.com/CVE-2022-22532
https://launchpad.support.sap.com/CVE-2022-22536
https://launchpad.support.sap.com/

Platform

  • Rewterz XDR
  • Rewterz Defense
  • Rewterz Threat Intelligence

Managed Security Services

  • Managed Security Monitoring
  • Remote SOC
  • Onsite SOC
  • Hybrid SOC

Assess

  • Compromise Assessment
  • APT Assessment
  • Penetration Testing
  • Architecture Design & Review
  • Red Team Assessment
  • Purple Team Assessment
  • Social Engineering
  • Source Code Review

Transform

  • SOC Consultancy
  • SOC Maturity Assessment
  • SOC Model Evaluation
  • SOC Gap Analysis
  • SIEM Gap Analysis
  • SIEM Optimization
  • SOC Content Pack

Train

  • Simulated Cyber Attack Exercise
  • Tabletop Exercise
  • Security Awareness and Training

Respond

  • Incident Analysis
  • Incident Response

Threat Insights

  • Threat Advisories
  • Monthly Threat Insights
  • Threat Intelligence Reports

Resources

  • Blog
  • Press Releases

Connect With Us

  • Contact
  • Careers
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.
Get a Demo