Vulnerability Details CVE-2022-28773
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2022-28773
-
cpe:2.3:a:sap:netweaver:7.22ext
-
cpe:2.3:a:sap:netweaver:7.49
-
cpe:2.3:a:sap:netweaver:7.53
-
cpe:2.3:a:sap:netweaver:7.77
-
cpe:2.3:a:sap:netweaver:7.81
-
cpe:2.3:a:sap:netweaver:7.85
-
cpe:2.3:a:sap:netweaver:7.86
-
cpe:2.3:a:sap:netweaver:kernel_7.22
-
cpe:2.3:a:sap:netweaver:krnl64nuc_7.22
-
cpe:2.3:a:sap:netweaver:krnl64uc_7.22
-
cpe:2.3:a:sap:web_dispatcher:7.53
-
cpe:2.3:a:sap:web_dispatcher:7.77
-
cpe:2.3:a:sap:web_dispatcher:7.81
-
cpe:2.3:a:sap:web_dispatcher:7.85
-
cpe:2.3:a:sap:web_dispatcher:7.86