Concise Cyber

Subscribe below for free to get these delivered straight to your inbox

Advertisements
SAP Patches Critical Vulnerabilities Including 9.9 CVSS Score Flaw
Advertisements

SAP Releases Monthly Security Update

SAP has released its monthly security update, addressing 17 new vulnerabilities in its software lineup. The company categorized four of these vulnerabilities with its highest severity rating, “Hot News.” The security patches were released as part of the company’s scheduled Patch Tuesday.

The discovery and reporting of these significant vulnerabilities were credited to researchers at Onapsis Research Labs, who collaborated with SAP to ensure the issues were resolved. The patches cover a range of SAP products, and customers are advised to review the updates to protect their systems.

Details of the Critical Flaws

The most severe vulnerability addressed in this update carries a CVSS score of 9.9 out of 10. This critical flaw is a Code Injection vulnerability found in SAP NetWeaver AS for JAVA (Guided Procedures). The vulnerability could allow an unauthenticated attacker to execute code on the affected application, compromising confidentiality, integrity, and availability.

Another “Hot News” vulnerability fixed by SAP is a Directory Traversal flaw with a CVSS score of 9.1. This issue affects SAP NetWeaver AS ABAP and ABAP Platform. All SAP customers are strongly encouraged to apply the newly released security patches immediately to mitigate the risks associated with these vulnerabilities.

All articles are written here with the help of AI on the basis of openly available information which cannot be independently verified. We do strive to quote the relevant sources.The intent is only to summarise what is already reported in public forum in our own wordswith no intention to plagarise or copy other person’s work.The publisher has no intent to defame or cause offence to anyone, any person or any organisation at any moment.The publisher assumes no responsibility for any damage or loss caused by making decisions on the basis of whatever is published on cyberconcise.com.You’re advised to do your own checks and balances before making any decision, and owners and publishers at cyberconcise.com cannot be held accountable for its resulting ramifications.If you have any objections, concerns or point out anything factually incorrect, please reach out using the form on https://concisecyber.com/about/

Discover more from Concise Cyber

Subscribe now to keep reading and get access to the full archive.

Continue reading