cvedb.io
CVE-2022-22534
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2022-02-09T23:15:18.533 · Last modified 2026-06-17T04:28:32.980

Summary

Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.

Affected products

sap — netweaver

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.