Security Advisories

We've created the first of its kind, SecurityBridge ^{Cloud Platform} to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!

× Hey there! Glad you made it.
We have found 9 security advices for you to review.

Severity

SAP© Security advisories 9

System Types

Affected SAP© system types

_{Related note}
3046610

_CVSS
8.2

_{Affected system
type}
ABAP

_Patchday
2021-05

_{Released
on}
2021/05/11

Description
[CVE-2021-27611] Code Injection vulnerability in SAP NetWeaver AS ABAP

Security Advisory

_{Related note}
3049661

_CVSS
7.8

_{Affected system
type}
SAP Business One

_Patchday
2021-05

_{Released
on}
2021/05/11

Description
[CVE-2021-27616] Multiple vulnerabilities in SAP Business One, version for SAP HANA (Business-One-Hana-Chef-Cookbook)

Security Advisory

_{Related note}
3049755

_CVSS
7.8

_{Affected system
type}
SAP Business One

_Patchday
2021-05

_{Released
on}
2021/05/11

Description
[CVE-2021-27613] Information Disclosure in SAP Business One (Chef business-one-cookbook)

Security Advisory

_{Related note}
3039818

_CVSS
6.5

_{Affected system
type}
SAP Commerce Cloud

_Patchday
2021-05

_{Released
on}
2021/05/11

Description
[CVE-2021-27619] Information Disclosure in SAP Commerce (Backoffice search)

Security Advisory

_{Related note}
2114798

_CVSS
6.3

_{Affected system
type}
ABAP

_Patchday
2021-05

_{Released
on}
2021/04/27

Description
Unauthorized use of application functions in SAP GUI for HTML

Security Advisory

_{Related note}
2745860

_CVSS
5.3

_{Affected system
type}
Java

_Patchday
2021-05

_{Released
on}
2021/05/11

Description
Information Disclosure in Enterprise Services Repository of SAP Process Integration

Security Advisory

_{Related note}
3012021

_CVSS
4.9

_{Affected system
type}
Java

_Patchday
2021-05

_{Released
on}
2021/05/11

Description
[Multiple CVEs] Multiple vulnerabilities in SAP Process Integration (Integration Builder Framework)

Security Advisory

_{Related note}
2904569

_CVSS
4.6

_{Affected system
type}
SAP CRM UI

_Patchday
2021-05

_{Released
on}
2021/04/27

Description
Cross-Site Request Forgery (CSRF) vulnerability in SAP CRM WebClient UI

Security Advisory

_{Related note}
3023078

_CVSS
3.4

_{Affected system
type}
SAP GUI / Frontend

_Patchday
2021-05

_{Released
on}
2021/05/11

Description
[CVE-2021-27612] SAP GUI for Windows is vulnerable to redirect users to an untrusted website

Security Advisory

Notifications

Security Advisories

Severity

SAP© Security advisories 9

System Types

Affected SAP© system types

Related note 3046610

CVSS 8.2

Affected system type ABAP

Patchday2021-05

Released on2021/05/11

Related note 3049661

CVSS 7.8

Affected system type SAP Business One

Patchday2021-05

Released on2021/05/11

Related note 3049755

CVSS 7.8

Affected system type SAP Business One

Patchday2021-05

Released on2021/05/11

Related note 3039818

CVSS 6.5

Affected system type SAP Commerce Cloud

Patchday2021-05

Released on2021/05/11

Related note 2114798

CVSS 6.3

Affected system type ABAP

Patchday2021-05

Released on2021/04/27

Related note 2745860

CVSS 5.3

Affected system type Java

Patchday2021-05

Released on2021/05/11

Related note 3012021

CVSS 4.9

Affected system type Java

Patchday2021-05

Released on2021/05/11

Related note 2904569

CVSS 4.6

Affected system type SAP CRM UI

Patchday2021-05

Released on2021/04/27

Related note 3023078

CVSS 3.4

Affected system type SAP GUI / Frontend

Patchday2021-05

Released on2021/05/11

_{Related note}
3046610

_CVSS
8.2

_{Affected system
type}
ABAP

_Patchday
2021-05

_{Released
on}
2021/05/11

_{Related note}
3049661

_CVSS
7.8

_{Affected system
type}
SAP Business One

_Patchday
2021-05

_{Released
on}
2021/05/11

_{Related note}
3049755

_CVSS
7.8

_{Affected system
type}
SAP Business One

_Patchday
2021-05

_{Released
on}
2021/05/11

_{Related note}
3039818

_CVSS
6.5

_{Affected system
type}
SAP Commerce Cloud

_Patchday
2021-05

_{Released
on}
2021/05/11

_{Related note}
2114798

_CVSS
6.3

_{Affected system
type}
ABAP

_Patchday
2021-05

_{Released
on}
2021/04/27

_{Related note}
2745860

_CVSS
5.3

_{Affected system
type}
Java

_Patchday
2021-05

_{Released
on}
2021/05/11

_{Related note}
3012021

_CVSS
4.9

_{Affected system
type}
Java

_Patchday
2021-05

_{Released
on}
2021/05/11

_{Related note}
2904569

_CVSS
4.6

_{Affected system
type}
SAP CRM UI

_Patchday
2021-05

_{Released
on}
2021/04/27

_{Related note}
3023078

_CVSS
3.4

_{Affected system
type}
SAP GUI / Frontend

_Patchday
2021-05

_{Released
on}
2021/05/11