SAP Knowledge Base Article - Preview

3189253 - CVE-2022-22965 - SAP Enterprise Portal's impact for Spring Core Remote Code Execution vulnerability


You are curious whether your SAP NetWeaver Enterprise Portal system is affected by Spring Core Remote Code Execution vulnerability exploited In the wild (SpringShell). See documentation: CVE-2022-22965.

  • Vulnerability CVE-2022-22965
  • How does this impact SAP NetWeaver Enterprise Portal system



Affected Software and Versions / Existing proofs of concept (PoCs) for exploitation work under the following conditions:

  • JDK 9 or higher
  • Apache Tomcat as the Servlet container
  • Packaged as a traditional WAR (in contrast to a Spring Boot executable jar)
  • spring-webmvc or spring-webflux dependency
  • Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions


SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5


CVE-2022-22965, EP, Enterprise Portal, Spring Core Remote Code Execution, SpringShell , KBA , EP-PIN-NAV , Navigation , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.