Security Advisories  

We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Yikes, there is work to do!
This time we found critical correction advisiories. We count 11 and the highest CVSS score is 9.9.

 

 Severity
SAP© Security advisories 11
 System Types
Affected SAP© system types

 

Related note
3014121
CVSS
9.9

Affected system type
SAP Commerce Cloud
Patchday
2021-02
Released on
2021/02/09

Description
[CVE-2021-21477] Remote Code Execution vulnerability in SAP Commerce

 

Related note
2998173
CVSS
6.3

Affected system type
SAP Netweaver
Patchday
2021-02
Released on
2021/02/09

Description
[CVE-2021-21472] Server password not set during installation of SAP NetWeaver Master Data Management 7.1

 

Related note
2935791
CVSS
5.4

Affected system type
BI/BO platform
Patchday
2021-02
Released on
2021/02/09

Description
[CVE-2021-21444] Clickjacking vulnerability in SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad)

 

Related note
2835240
CVSS
5.4

Affected system type
Java
Patchday
2021-02
Released on
2021/02/09

Description
Clickjacking vulnerability in Cloud Integration Content of SAP Process Integration

 

Related note
2990992
CVSS
5.4

Affected system type
ABAP
Patchday
2021-02
Released on
2021/02/09

Description
Missing Authorization Checks in the Monitor Data and My Data Collections Apps

 

Related note
2974582
CVSS
4.7

Affected system type
ABAP
Patchday
2021-02
Released on
2021/02/09

Description
[CVE-2021-21478] Reverse Tabnabbing vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Web Dynpro ABAP)

 

Related note
2973428
CVSS
4.7

Affected system type
Kernal
Patchday
2021-02
Released on
2021/02/09

Description
Reverse Tabnabbing vulnerability within SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML)

 

Related note
2992154
CVSS
4.1

Affected system type
SAP HANA Platform
Patchday
2021-02
Released on
2021/02/09

Description
[CVE-2021-21474] SAML Assertion Signature MD5 Digest Algorithm Vulnerability in SAP HANA Database

 

Related note
2994289
CVSS
4.1

Affected system type
ABAP
Patchday
2021-02
Released on
2021/02/09

Description
Reverse Tabnabbing vulnerability within SAP CRM WebClient UI

 

Related note
3000897
CVSS
4.0

Affected system type
Java
Patchday
2021-02
Released on
2021/02/09

Description
[CVE-2021-21475] Directory Traversal vulnerability in SAP NetWeaver Master Data Management 7.1

 

Related note
2818963
CVSS
0.0

Affected system type
Java
Patchday
2021-02
Released on
2021/02/09

Description
Clickjacking vulnerability in Adapter Runtime of SAP Process Integration