SAP© Security Advisories - 06 2023 - SecurityBridge Cloud Platform

We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.
We hope you enjoy using it!

× Hey there! Glad you made it.
We have found 6 security advices for you to review.

Severity

SAP© Security advisories 6

System Types

Affected SAP© system types

_{Related note}
3318657

_CVSS
6.4

_{Affected system
type}
SAP...

_Patchday
2023-06

_{Released
on}
2023/06/13

Description
[CVE-2023-33984] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver (Design Time Repository)

Security Advisory

_{Related note}
2826092

_CVSS
6.1

_{Affected system
type}
ABAP

_Patchday
2023-06

_{Released
on}
2023/06/13

Description
[CVE-2023-33986] Cross-Site Scripting (XSS) vulnerability in SAP CRM ABAP (Grantor Management)

Security Advisory

_{Related note}
3331627

_CVSS
6.1

_{Affected system
type}
Java

_Patchday
2023-06

_{Released
on}
2023/06/13

Description
[CVE-2023-33985] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver (Enterprise Portal)

Security Advisory

_{Related note}
3325642

_CVSS
2.7

_{Affected system
type}
ABAP

_Patchday
2023-06

_{Released
on}
2023/06/13

Description
[CVE-2023-32114] Denial of Service in SAP NetWeaver (Change and Transport System)

Security Advisory

_{Related note}
3324285

_CVSS
8.2

_{Affected system
type}
SAP UI5

_Patchday
2023-06

_{Released
on}
2023/06/13

Description
[CVE-2023-33991] Stored Cross-Site Scripting vulnerability in SAP UI5 (Variant Management)

Security Advisory

_{Related note}
3322800

_CVSS
6.1

_{Affected system
type}
ABAP

_Patchday
2023-06

_{Released
on}
2023/06/13

Description
Update 1 to security note 3315971 - [CVE-2023-30742] Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)

Security Advisory

Notifications

Severity

SAP© Security advisories 6

System Types

Affected SAP© system types

Related note 3318657

CVSS 6.4

Affected system type SAP...

Patchday2023-06

Released on2023/06/13

Related note 2826092

CVSS 6.1

Affected system type ABAP

Patchday2023-06

Released on2023/06/13

Related note 3331627

CVSS 6.1

Affected system type Java

Patchday2023-06

Released on2023/06/13

Related note 3325642

CVSS 2.7

Affected system type ABAP

Patchday2023-06

Released on2023/06/13

Related note 3324285

CVSS 8.2

Affected system type SAP UI5

Patchday2023-06

Released on2023/06/13

Related note 3322800

CVSS 6.1

Affected system type ABAP

Patchday2023-06

Released on2023/06/13

_{Related note}
3318657

_CVSS
6.4

_{Affected system
type}
SAP...

_Patchday
2023-06

_{Released
on}
2023/06/13

_{Related note}
2826092

_CVSS
6.1

_{Affected system
type}
ABAP

_Patchday
2023-06

_{Released
on}
2023/06/13

_{Related note}
3331627

_CVSS
6.1

_{Affected system
type}
Java

_Patchday
2023-06

_{Released
on}
2023/06/13

_{Related note}
3325642

_CVSS
2.7

_{Affected system
type}
ABAP

_Patchday
2023-06

_{Released
on}
2023/06/13

_{Related note}
3324285

_CVSS
8.2

_{Affected system
type}
SAP UI5

_Patchday
2023-06

_{Released
on}
2023/06/13

_{Related note}
3322800

_CVSS
6.1

_{Affected system
type}
ABAP

_Patchday
2023-06

_{Released
on}
2023/06/13