Symptom
1. A security scan is done on HANA server and the report shows warning for CVE-2022-22970 and CVE-2022-22971 vulnerabilities .
https://tanzu.vmware.com/security/cve-2022-22970
https://tanzu.vmware.com/security/cve-2022-22971
2. These vulnerabilities are regarding spring-core library.
Read more...
Environment
SAP HANA XS, advanced model
Keywords
DoS, Denial of Service, spring, Data Binding, Spring Framework Advisory, host scanned, CVE-2022-22970, CVE-2022-22971 , KBA , HAN-CPT-CPT2-SEC , SAP HANA Cockpit 2 (Security) , HAN-DB-SEC , SAP HANA Security & User Management , BC-XS-SEC , UAA and Security for HANA XSA engine , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.