3187229 - CVE-2022-0778 - AS Java Core Components' impact for Denial-of-Service vulnerability vulnerability

Symptom

You are curious whether your SAP NetWeaver Application Server Java system is affected by spring core remote code execution vulnerability exploited In the wild (SpringShell). See documentation: CVE-2022-0778.

Vulnerability CVE-2022-0778
How does this impact SAP Netweaver Application Server Java Core Components
The AS Java Core Software Components are documented in KBA 1794179 Importing AS Java Core patches for NetWeaver 7.1 or higher

Environment

Affected Software and Versions: OpenSSL with versions:

3.0.0,3.0.1
1.1.1-1.1.1m
1.0.2-1.0.2zc

Product

SAP NetWeaver Application Server for Java all versions

Keywords

KBA , BC-JAS-SEC-CPG , Cryptography , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.