We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Hey there! Glad you made it.
We have found 13 security advices for you to review.

 

 Severity
SAP© Security advisories 13
 System Types
Affected SAP© system types

 

Related note
3466801
CVSS
6.9

Affected system type
SAP Landscape...
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-39593] Information Disclosure vulnerability in SAP Landscape Management

Security Advisory

 

Related note
3476348
CVSS
4.3

Affected system type
SAP Enable Now
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-39596] Missing Authorization check vulnerability in SAP Enable Now

Security Advisory

 

Related note
3456952
CVSS
4.7

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-39599] Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform

Security Advisory

 

Related note
3469958
CVSS
5.0

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-37171] Server-Side Request Forgery (SSRF) in SAP Transportation Management (Collaboration Portal)

Security Advisory

 

Related note
3457354
CVSS
5.4

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-37172] Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management)

Security Advisory

 

Related note
3461110
CVSS
5.0

Affected system type
SAP GUI
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-39600] Information Disclosure vulnerability in SAP GUI for Windows

Security Advisory

 

Related note
3483993
CVSS
5.0

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-34689] Prerequisite for Security Note 3458789

Security Advisory

 

Related note
3468681
CVSS
6.1

Affected system type
Java
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-34685] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Knowledge Management XMLEditor

Security Advisory

 

Related note
3467377
CVSS
6.1

Affected system type
SAP CRM UI
Patchday
2024-07
Released on
2024/07/09

Description
[Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)

Security Advisory

 

Related note
3485805
CVSS
5.0

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-34689] Allowlisting of callback-URLs in SAP Business Workflow (WebFlow Services)

Security Advisory

 

Related note
3454858
CVSS
4.1

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-37180] Information Disclosure vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

Security Advisory

 

Related note
3458789
CVSS
5.0

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-34689] Server-Side Request Forgery in SAP Business Workflow (WebFlow Services)

Security Advisory

 

Related note
3482217
CVSS
6.1

Affected system type
ABAP
Patchday
2024-07
Released on
2024/07/09

Description
[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation

Security Advisory

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge
Platform
Product

© Copyright 2024 by SecurityBridge GmbH

v34.5