We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.
We hope you enjoy using it!
× Hey there! Glad you made it.
We have found 9 security advices for you to review.

 

 Severity
SAP© Security advisories 9
 System Types
Affected SAP© system types

 

Related note
2999590
CVSS
4.3

Affected system type
ABAP
Patchday
2021-06
Released on
2021/05/25

Description
Incomplete authorization checks for import of environmental data

 

Related note
3053066
CVSS
8.7

Affected system type
Java
Patchday
2021-06
Released on
2021/06/08

Description
[CVE-2021-27635] Missing XML Validation in SAP NetWeaver AS for JAVA

 

Related note
3049879
CVSS
5.9

Affected system type
SAP Enable Now
Patchday
2021-06
Released on
2021/06/08

Description
[CVE-2021-27637] Information Disclosure in SAP Enable Now (SAP Workforce Performance Builder - Manager)

 

Related note
3021050
CVSS
5.9

Affected system type
Internet Graphics Service
Patchday
2021-06
Released on
2021/06/08

Description
[Multiple CVEs] Memory Corruption vulnerability in SAP Internet Graphics Service

 

Related note
2985562
CVSS
4.7

Affected system type
SAP Commerce Cloud
Patchday
2021-06
Released on
2021/06/08

Description
[CVE-2021-33666] Cross-Site Scripting (XSS) in SAP Commerce Cloud

 

Related note
3030961
CVSS
6.4

Affected system type
Java
Patchday
2021-06
Released on
2021/06/08

Description
[CVE-2021-27615] Cross-Site Scripting (XSS) vulnerability in SAP Manufacturing Execution

 

Related note
3030604
CVSS
5.8

Affected system type
ABAP
Patchday
2021-06
Released on
2021/06/08

Description
[CVE-2021-33663] Plaintext Injection in SAP NetWeaver AS for ABAP

 

Related note
3028370
CVSS
5.4

Affected system type
ABAP
Patchday
2021-06
Released on
2021/06/08

Description
[CVE-2021-33665] Cross-Site Scripting (XSS) vulnerability within SAP NetWeaver AS ABAP (Applications based on SAP GUI for HTML)

 

Related note
3025604
CVSS
5.4

Affected system type
ABAP
Patchday
2021-06
Released on
2021/06/08

Description
[CVE-2021-33664] Cross-Site Scripting (XSS) vulnerability within SAP NetWeaver AS ABAP (Applications based on Web Dynpro ABAP)

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge

© Copyright 2024 by SecurityBridge GmbH

v35.0