All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2022-22536
NONEKEVpublish date unavailable
CVSS / 10
// description
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.
// required action (CISA KEV)
Apply updates per vendor instructions.
added 2022-08-18 00:00 UTC