Security Advisories  

We've created the first of its kind, ABEX Security Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Hey there! Glad you made it.
We have found 11 security advices for you to review.

 

 Severity
SAP© Security advisories 11
 System Types
Affected SAP© system types

 

Related note
2165892
CVSS
6.3

Affected system type
ABAP
Patchday
2020-01
Released on
2020/01/14

Description
Missing authorization check in Transaction Manager

Security Advisory

 

Related note
2871877
CVSS
8.3

Affected system type
ABAP
Patchday
2020-01
Released on
2019/12/24

Description
Multiple security vulnerabilities in SAP EAM, add-on for MRO 4.0 by HCL for SAP S/4HANA 1809

Security Advisory

 

Related note
2848498
CVSS
5.9

Affected system type
Kernel
Patchday
2020-01
Released on
2020/01/14

Description
[CVE-2020-6304] Denial of service (DOS) in SAP NetWeaver Internet Communication Manager

Security Advisory

 

Related note
2863397
CVSS
4.3

Affected system type
ABAP
Patchday
2020-01
Released on
2020/01/14

Description
[CVE-2020-6307] Missing Authorization Check in Automated Note Search Tool (SAP_BASIS)

Security Advisory

 

Related note
2863743
CVSS
6.1

Affected system type
Java
Patchday
2020-01
Released on
2020/01/14

Description
[CVE-2020-6305] Cross-Site Scripting (XSS) vulnerability in Rest Adapter of SAP Process Integration

Security Advisory

 

Related note
2772325
CVSS
5.4

Affected system type
SAP Disclosure Management
Patchday
2020-01
Released on
2020/01/13

Description
[CVE-2020-6303] Improper input validation in SAP Disclosure Management

Security Advisory

 

Related note
2845401
CVSS
5.4

Affected system type
Realtech
Patchday
2020-01
Released on
2020/01/14

Description
Missing Authorization check in Realtech RTCISM 100

Security Advisory

 

Related note
2865348
CVSS
2.7

Affected system type
ABAP
Patchday
2020-01
Released on
2020/01/14

Description
[CVE-2020-6306] Missing Authorization check in SAP Leasing

Security Advisory

 

Related note
2142551
CVSS
4.3

Affected system type
ABAP
Patchday
2020-01
Released on
2016/07/12

Description
Whitelist service for Clickjacking Framing Protection in AS ABAP

Security Advisory

 

Related note
2843016
CVSS
4.3

Affected system type
ABAP
Patchday
2020-01
Released on
2019/11/12

Description
[CVE-2019-0388] Content spoofing vulnerability in UI5 HTTP Handler

Security Advisory

 

Related note
2495462
CVSS
6.3

Affected system type
ABAP
Patchday
2020-01
Released on
2020/01/14

Description
Switchable Authorization checks for RFC in SAP Leasing

Security Advisory