SAP Knowledge Base Article - Preview

3191869 - SAP NetWeaver Application Server for ABAP affected by Spring4Shell (CVE) 2022-22965?

Symptom

You are curious whether your SAP NetWeaver Application Server ABAP system is affected by spring core remote code execution vulnerability exploited In the wild (SpringShell).
See documentation: CVE-2022-22965.


Read more...

Environment

SAP Netweaver ABAP Systems

Product

SAP ERP 6.0 ; SAP NetWeaver 2004 ; SAP NetWeaver 7.0 ; SAP NetWeaver 7.1 ; SAP NetWeaver 7.2 ; SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5 ; SAP NetWeaver 7.5 for SAP S/4HANA 1511 ; SAP NetWeaver Application Server for ABAP 7 for SAP S/4HANA Cloud 1911 ; SAP NetWeaver Application Server for ABAP all versions ; SAP enhancement package 1 for SAP NetWeaver 7.0 ; SAP enhancement package 1 for SAP NetWeaver 7.3 ; SAP enhancement package 2 for SAP NetWeaver 7.0 ; SAP enhancement package 3 for SAP NetWeaver 7.0

Keywords

Vulnerability,Spring Framework, Spring4Shell, CVE-2022-22965, 22965 , KBA , BC-SEC-WSS , Web Services Security for ABAP , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.