Security Advisories  

We've created the first of its kind, ABEX Security Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Yikes, there is work to do!
This time we found critical correction advisiories. We count 11 and the highest CVSS score is 9.9.

 

 Severity
SAP© Security advisories 11
 System Types
Affected SAP© system types

 

Related note
2915429
CVSS
4.3

Affected system type
SAP IDM
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6258] Missing Authorization check in SAP Identity Management

Security Advisory

 

Related note
2915585
CVSS
8.0

Affected system type
SAP Adaptive Server...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6243] Code Injection in SAP Adaptive Server Enterprise (XP Server on Windows Platform)

Security Advisory

 

Related note
2916927
CVSS
8.8

Affected system type
SAP Adaptive Server...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6241] SQL Injection vulnerability in SAP Adaptive Server Enterprise

Security Advisory

 

Related note
2917022
CVSS
6.8

Affected system type
SAP Adaptive Server...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6250] Information Disclosure in SAP Adaptive Server Enterprise

Security Advisory

 

Related note
2917090
CVSS
9.0

Affected system type
SAP Adaptive Server...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6252] Information Disclosure in SAP Adaptive Server Enterprise (Cockpit)

Security Advisory

 

Related note
2917273
CVSS
7.2

Affected system type
SAP Adaptive Server...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6253] SQL Injection vulnerability in SAP Adaptive Server Enterprise (Web Services)

Security Advisory

 

Related note
2917275
CVSS
9.1

Affected system type
SAP Adaptive Server...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6248] Code injection in SAP Adaptive Server Enterprise (Backup Server)

Security Advisory

 

Related note
2920548
CVSS
6.5

Affected system type
SAP Adaptive Server...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6259] Missing authorization check in SAP Adaptive Server Enterprise

Security Advisory

 

Related note
2835979
CVSS
9.9

Affected system type
ABAP
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6262] Code Injection vulnerability in Service Data Download

Security Advisory

 

Related note
2913293
CVSS
6.1

Affected system type
SAP Enterprise Threat...
Patchday
2020-05
Released on
2020/05/12

Description
[CVE-2020-6254] Cross-Site Scripting (XSS) vulnerability in SAP Enterprise Threat Detection

Security Advisory

 

Related note
2747062
CVSS
5.0

Affected system type
ABAP
Patchday
2020-05
Released on
2020/05/12

Description
This note has been re-released without changes. - Cross-Site Request Forgery (CSRF) vulnerability in SAP Web Dynpro ABAP

Security Advisory