Vulnerabilities > CVE-2024-22124 - Unspecified vulnerability in SAP Netweaver

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2024-01-09

Updated: 2024-01-22

Summary

Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Netweaver Krnl64Nuc_7.22 SAP Netweaver Kernel_7.22 SAP Netweaver Krnl64Uc_7.22Ext SAP Netweaver Krnl64Uc_7.53 SAP Netweaver Krnl64Nuc_7.22Ext SAP Netweaver Webdisp_7.22Ext SAP Netweaver Webdisp_7.53 SAP Netweaver Webdisp_7.54 SAP Netweaver Kernel_7.53 SAP Netweaver Kernel_7.54	10

Summary

Vulnerable Configurations

References