Vulnerability in Sap Se Content Server
CVE-2022-22536
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can pre…
Vulnerability class: HTTP Request Smuggling
EPSS: 0.938 (99.9th percentile) — read the EPSS interpretation.
Affected products
- Sap Se Content Server — versions 7.53
- Sap Se Netweaver And Abap Platform — versions KERNEL 7.22, 8.04, 7.49
- Sap Se Web Dispatcher — versions 7.49, 7.53, 7.77
Weakness classification (CWE)
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply updates per vendor instructions.
Public proof-of-concept exploits
- ZZ-SOCMAP/CVE-2022-22536
- tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536
- BecodoExploit-mrCAT/SAPGateBreaker-Exploit
- abrewer251/CVE-2022-22536_SAP_Request_Smuggling_Scanner
- ARPSyndicate/cvemon
- ARPSyndicate/kenzer-templates
- NaInSec/CVE-PoC-in-GitHub
- Ostorlab/KEV
- Ostorlab/known_
- SYRTI/POC_
References
- launchpad.support.sap.com/ (x_refsource_MISC)
- www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html (x_refsource_MISC)
Frequently asked questions
- What is CVE-2022-22536?
- CVE-2022-22536 is a vulnerability in Sap Se Content Server, classified under Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling). Published 2022-02-09.
- Is CVE-2022-22536 known to be exploited?
- Yes. CVE-2022-22536 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-08-18), indicating it is being actively exploited. 29 public proof-of-concept repositories are indexed.