You are interested in further details related to the SAP Note 3123396 [CVE-2022-22536] Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server
and SAP Web Dispatcher.
Overview of related material:
|3123396 -[CVE-2022-22536] Request smuggling and request concatenation in SAP Netweaver, SAP Content server and SAP Web dispatcher||The security note listing the required patch levels of SAP Kernel or SAP Web Dispatcher|
|3137885 -Workaround for security SAP note 3123396||
Description of workarounds for unpatched systems depending on scenario:
|3138881 -wdisp/additional_conn_close workaround for security SAP note 3123396||The workaround number (1) of SAP Note 3137885 requires a patched version of SAP Web Dispatcher plus a special profile parameter.|
|3147927 -wdisp/additional_conn_close causes errors for Netweaver AS Java servers||The workaround of SAP note 3138881 requires an even newer patched version of SAP Web Dispatcher when used for Application Server Java.|
|3127829 -How to configure rewriting rules in SAP Web Dispatcher and Internet Communication Manager (ICM)||This SAP note helps with applying workaround number (2) of SAP Note 3137885|
|3148968 - FAQ for SAP Security Note 3123396 [CVE-2022-22536] Request smuggling and request concatenation||This SAP Knowledge Based Article|
- Which components or scenarios are affected?
- Applying the Kernel Patch
- Using a workaround instead of a Kernel Patch
- Operating System independent
- SAP NetWeaver
- ABAP Platform
- SAP Web Dispatcher
CVE-2022-22536, vulnerability, KERNELCOR , KBA , BC-CST-IC , Internet Communication Manager , BC-CST-WDP , Web Dispatcher , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.