Security Advisories  

We've created the first of its kind, ABEX Security Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Yikes, there is work to do!
This time we found critical correction advisiories. We count 12 and the highest CVSS score is 9.6.

 

 Severity
SAP© Security advisories 12
 System Types
Affected SAP© system types

 

Related note
2960815
CVSS
4.3

Affected system type
SAP 3D Visual Eneprise
Patchday
2020-09
Released on
2020/09/08

Description
[Multiple CVEs] Improper Input Validation in SAP 3D Visual Enterprise Viewer

Security Advisory

 

Related note
2934451
CVSS
6.4

Affected system type
SAP Commerce Cloud
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6302] Session Fixation in SAP Commerce

Security Advisory

 

Related note
2948239
CVSS
6.1

Affected system type
ABAP
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6324] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver AS ABAP (BSP Test Application)

Security Advisory

 

Related note
2951325
CVSS
6.5

Affected system type
ABAP
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6311] Improper Authorization Checks in Banking services from SAP Bank Analyzer and SAP S/4HANA Financial Products

Security Advisory

 

Related note
2953112
CVSS
5.4

Affected system type
Java
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6326] Cross-Site Scripting (XSS) vulnerabilities in SAP NetWeaver AS Java

Security Advisory

 

Related note
2953203
CVSS
2.6

Affected system type
SAP Adaptive Server Enterprise (ASE)
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6317] Information Disclosure in SAP Adaptive Server Enterprise

Security Advisory

 

Related note
2958563
CVSS
9.1

Affected system type
ABAP
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6318] Code Injection vulnerability in SAP NetWeaver (ABAP Server) and ABAP Platform

Security Advisory

 

Related note
2865229
CVSS
4.8

Affected system type
SAP UI5
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6283] Cross-Site Scripting (XSS) vulnerability in SAP Fiori(Launchpad)

Security Advisory

 

Related note
2924859
CVSS
6.5

Affected system type
ABAP
Patchday
2020-09
Released on
2020/08/25

Description
Missing Authorization check in Discrete Industries and Mill Products

Security Advisory

 

Related note
2930128
CVSS
5.4

Affected system type
BI/BO platform
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6325] Multiple Vulnerabilities in SAP BusinessObjects Business Intelligence Platform

Security Advisory

 

Related note
2531082
CVSS
6.3

Affected system type
ABAP
Patchday
2020-09
Released on
2019/03/12

Description
Switchable Authorization checks for RFC BCA_DIM_LOANS_APPLOG_UPDATE in Loans (FI-CAX-FS)

Security Advisory

 

Related note
2961991
CVSS
9.6

Affected system type
SAP Marketing
Patchday
2020-09
Released on
2020/09/08

Description
[CVE-2020-6320] Improper Access Control in SAP Marketing (Mobile Channel Servlet)

Security Advisory