We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.
We hope you like it!
We have found 13 security advices for you to review.
Affected system
type
SAP Landscape...
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-39593] Information Disclosure vulnerability in SAP Landscape Management
Affected system
type
SAP Enable Now
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-39596] Missing Authorization check vulnerability in SAP Enable Now
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-39599] Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-37171] Server-Side Request Forgery (SSRF) in SAP Transportation Management (Collaboration Portal)
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-37172] Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management)
Affected system
type
SAP GUI
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-39600] Information Disclosure vulnerability in SAP GUI for Windows
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-34689] Prerequisite for Security Note 3458789
Affected system
type
Java
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-34685] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Knowledge Management XMLEditor
Affected system
type
SAP CRM UI
Patchday
2024-07
Released
on
2024/07/09
Description
[Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-34689] Allowlisting of callback-URLs in SAP Business Workflow (WebFlow Services)
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-37180] Information Disclosure vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-34689] Server-Side Request Forgery in SAP Business Workflow (WebFlow Services)
Affected system
type
ABAP
Patchday
2024-07
Released
on
2024/07/09
Description
[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation