SAP Knowledge Base Article - Preview

3187229 - CVE-2022-0778 - AS Java Core Components' impact for Denial-of-Service vulnerability vulnerability


You are curious whether your SAP NetWeaver Application Server Java system is affected by spring core remote code execution vulnerability exploited In the wild (SpringShell). See documentation: CVE-2022-0778.

  • Vulnerability CVE-2022-0778
  • How does this impact SAP Netweaver Application Server Java Core Components
  • The AS Java Core Software Components are documented in KBA 1794179 Importing AS Java Core patches for NetWeaver 7.1 or higher



Affected Software and Versions: OpenSSL with versions:

  • 3.0.0,3.0.1
  • 1.1.1-1.1.1m
  • 1.0.2-1.0.2zc


SAP NetWeaver Application Server for Java all versions


KBA , BC-JAS-SEC-CPG , Cryptography , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.