CVE-2022-28771

CVSS v3.1 base score: 7.5 HIGH (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

📋 TL;DR

CVE-2022-28771 is a missing authentication check in the SAP Business One License Service API, version 10.0. Because the API does not verify who is calling it, an unauthenticated attacker with network access to the service can send crafted HTTP requests that break the application and make all of SAP Business One inaccessible (denial of service). The impact is availability only; confidentiality and integrity are not affected. Organizations running SAP Business One version 10.0 without SAP Note 3157613 are affected.

💻 Affected Systems

Products:
  • SAP Business One
Versions: Version 10.0
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the License Service API component specifically.

📦 What is this software?

SAP Business One is SAP's ERP suite for small and midsize businesses. The License Service is the server-side component that issues and validates licenses for the landscape's clients and services, which is why a denial of service against it takes the whole application down rather than a single feature.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application unavailability through denial of service, disrupting every business process that depends on SAP Business One.

🟠 Likely Case

Service disruption or application downtime affecting business processes until the License Service is restored.

🟢 If Mitigated

Minimal impact where the License Service API is reachable only from trusted hosts and an authenticating proxy sits in front of it.

🌐 Internet-Facing: HIGH - Unauthenticated network attacks can directly target exposed instances.
🏢 Internal Only: MEDIUM - Internal attackers or compromised systems could exploit the vulnerability.

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network access to the vulnerable service but no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply SAP Note 3157613

Vendor Advisory: https://launchpad.support.sap.com/#/notes/3157613

Restart Required: Yes

Instructions:

1. Download and apply the patch referenced by SAP Note 3157613.
2. Restart the SAP Business One services.
3. Verify the patch is applied correctly (see How to Verify below).

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Restrict network access to the SAP Business One License Service API to trusted sources only: use host or perimeter firewall rules to allow the service port only from the application servers and administrator hosts that need it, and block everything else.

Authentication Enforcement (all platforms)

Put an authenticating layer in front of the vulnerable API, since the service itself performs no check: a reverse proxy or API gateway that requires credentials (or mutual TLS) before forwarding a request. This protects only the proxied path, so the service port itself must still be firewalled or the proxy can simply be bypassed.

🧯 If You Can't Patch

  • Implement strict network access controls so the License Service port is reachable only from hosts that need it
  • Monitor for requests to the License Service API that carry no credentials, and for request bursts from a single source

🔍 How to Verify

Check if Vulnerable:

Check if SAP Business One version 10.0 is running without SAP Note 3157613 applied.

Check Version:

Check SAP Business One administration console or version files

Verify Fix Applied:

Confirm SAP Note 3157613 is installed, then send a benign request to the License Service API without credentials from a test host and check that it is rejected rather than served: the note adds the authentication check that was missing, so an unauthenticated request should no longer succeed.

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated HTTP requests to License Service API
  • Unusual request patterns or high volume

Network Indicators:

  • HTTP traffic to License Service API without authentication headers
  • Abnormal request rates

SIEM Query (illustrative; the source name and field names are placeholders and must be mapped to your SAP or proxy log schema):

source="sap_business_one" AND event="license_api_request" AND auth_status="failed"

Caveat: on an unpatched 10.0 system the service performs no authentication check, so there are no failed-authentication events to match. Until the note is applied, key the search on API requests that carry no credentials and on request rate per source instead; after patching, a rise in auth_status="failed" events is the useful signal.
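Added example (not code from SAP, from the advisory, or from this page's SIEM query): a small Python script that applies the log indicators above to constructed reverse-proxy access-log lines. It assumes the License Service API is fronted by a proxy that logs client IP, timestamp, request line, status and whether an Authorization header was present; the path prefix /LicenseService/, the log format and the sample lines are assumptions, not SAP's real endpoint or log layout. It flags API requests carrying no credentials (which an unpatched service serves with 200 instead of rejecting) and sources that exceed a request-rate threshold within a sliding window.

```python
"""Flag unauthenticated and high-rate requests to the License Service API.

Added example, not SAP code. Assumed (not from the advisory): a reverse proxy
logs one line per request as
  <ip> [<ISO timestamp>] "<METHOD> <path> HTTP/x" <status> <auth|noauth>
where auth/noauth records whether an Authorization header was present.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

API_PREFIX = "/LicenseService/"    # placeholder path prefix; adjust to your landscape
RATE_WINDOW = timedelta(seconds=60)  # sliding window for burst detection
RATE_THRESHOLD = 5                   # API requests per source within the window

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<auth>auth|noauth)$'
)

# Constructed sample log: one legitimate authenticated call, a burst of six
# credential-less POSTs from one external source (the unpatched service keeps
# answering until it breaks), a non-API request, a lone unauthenticated GET,
# and a malformed line the parser must skip.
SAMPLE_LOG = """\
10.0.0.5 [2022-04-12T10:00:01] "GET /LicenseService/status HTTP/1.1" 200 auth
203.0.113.7 [2022-04-12T10:00:02] "POST /LicenseService/api HTTP/1.1" 200 noauth
203.0.113.7 [2022-04-12T10:00:04] "POST /LicenseService/api HTTP/1.1" 200 noauth
203.0.113.7 [2022-04-12T10:00:07] "POST /LicenseService/api HTTP/1.1" 200 noauth
10.0.0.9 [2022-04-12T10:00:09] "GET /index.html HTTP/1.1" 200 noauth
203.0.113.7 [2022-04-12T10:00:11] "POST /LicenseService/api HTTP/1.1" 500 noauth
203.0.113.7 [2022-04-12T10:00:15] "POST /LicenseService/api HTTP/1.1" 500 noauth
203.0.113.7 [2022-04-12T10:00:20] "POST /LicenseService/api HTTP/1.1" 503 noauth
198.51.100.4 [2022-04-12T10:05:00] "GET /LicenseService/status HTTP/1.1" 200 noauth
this line is garbage and must be skipped
"""


def parse_line(line):
    """Return one event dict, or None if the line does not match the format."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.fromisoformat(m["ts"]),
        "method": m["method"],
        "path": m["path"],
        "status": int(m["status"]),
        "authenticated": m["auth"] == "auth",
    }


def parse_log(text):
    return [ev for ev in (parse_line(l) for l in text.splitlines()) if ev is not None]


def api_events(events):
    return [e for e in events if e["path"].startswith(API_PREFIX)]


def find_unauthenticated(events):
    # Pre-patch the service never rejects these, so a 200 here is exactly the
    # condition to alert on: credentials absent, request served anyway.
    return [e for e in api_events(events) if not e["authenticated"]]


def find_bursts(events, window=RATE_WINDOW, threshold=RATE_THRESHOLD):
    """Map source IP -> peak number of API requests seen in any `window`."""
    by_ip = defaultdict(list)
    for e in api_events(events):
        by_ip[e["ip"]].append(e["ts"])
    bursts = {}
    for ip, stamps in by_ip.items():
        stamps.sort()
        peak, start = 0, 0
        for end in range(len(stamps)):      # two-pointer sliding window
            while stamps[end] - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            bursts[ip] = peak
    return bursts


def analyze(text):
    events = parse_log(text)
    return {
        "parsed": len(events),
        "unauthenticated": [(e["ip"], e["ts"].isoformat(), e["path"], e["status"])
                            for e in find_unauthenticated(events)],
        "bursts": find_bursts(events),
    }


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    print(f"parsed {report['parsed']} events")
    for ip, ts, path, status in report["unauthenticated"]:
        print(f"NO-CREDENTIALS {ts} {ip} {path} -> {status}")
    for ip, peak in report["bursts"].items():
        print(f"BURST {ip}: {peak} API requests within {RATE_WINDOW.seconds}s")
```

Run it against a real proxy log by replacing SAMPLE_LOG with the file contents; the thresholds are starting points and should be tuned to the number of clients that legitimately talk to the License Service.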

🔗 References

  • SAP Note 3157613 (vendor advisory): https://launchpad.support.sap.com/#/notes/3157613
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2022-28771