Security Advisories  

We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Hey there! Glad you made it.
We have found 9 security advices for you to review.

 

 Severity
SAP© Security advisories 9
 System Types
Affected SAP© system types

 

Related note
3049661
CVSS
7.8

Affected system type
SAP Business One
Patchday
2021-05
Released on
2021/05/11

Description
[CVE-2021-27616] Multiple vulnerabilities in SAP Business One, version for SAP HANA (Business-One-Hana-Chef-Cookbook)

 

Related note
2114798
CVSS
6.3

Affected system type
ABAP
Patchday
2021-05
Released on
2021/04/27

Description
Unauthorized use of application functions in SAP GUI for HTML

 

Related note
3023078
CVSS
3.4

Affected system type
SAP GUI / Frontend
Patchday
2021-05
Released on
2021/05/11

Description
[CVE-2021-27612] SAP GUI for Windows is vulnerable to redirect users to an untrusted website

 

Related note
3046610
CVSS
8.2

Affected system type
ABAP
Patchday
2021-05
Released on
2021/05/11

Description
[CVE-2021-27611] Code Injection vulnerability in SAP NetWeaver AS ABAP

 

Related note
3049755
CVSS
7.8

Affected system type
SAP Business One
Patchday
2021-05
Released on
2021/05/11

Description
[CVE-2021-27613] Information Disclosure in SAP Business One (Chef business-one-cookbook)

 

Related note
3039818
CVSS
6.5

Affected system type
SAP Commerce Cloud
Patchday
2021-05
Released on
2021/05/11

Description
[CVE-2021-27619] Information Disclosure in SAP Commerce (Backoffice search)

 

Related note
2745860
CVSS
5.3

Affected system type
Java
Patchday
2021-05
Released on
2021/05/11

Description
Information Disclosure in Enterprise Services Repository of SAP Process Integration

 

Related note
3012021
CVSS
4.9

Affected system type
Java
Patchday
2021-05
Released on
2021/05/11

Description
[Multiple CVEs] Multiple vulnerabilities in SAP Process Integration (Integration Builder Framework)

 

Related note
2904569
CVSS
4.6

Affected system type
SAP CRM UI
Patchday
2021-05
Released on
2021/04/27

Description
Cross-Site Request Forgery (CSRF) vulnerability in SAP CRM WebClient UI

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge

© Copyright 2024 by SecurityBridge GmbH

v34.1