Security Advisories  

We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Yikes, there is work to do!
This time we found critical correction advisiories. We count 12 and the highest CVSS score is 9.0.

 

 Severity
SAP© Security advisories 12
 System Types
Affected SAP© system types

 

Related note
3007182
CVSS
9.0

Affected system type
ABAP
Patchday
2021-07
Released on
2021/06/08

Description
[CVE-2021-27610] Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform

 

Related note
3059446
CVSS
7.6

Affected system type
Java
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33671] Missing Authorization check in SAP NetWeaver Guided Procedures

 

Related note
3056652
CVSS
7.5

Affected system type
Java
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33670] Denial of Service (DoS) in SAP NetWeaver AS for Java (Http Service)

 

Related note
3066316
CVSS
6.8

Affected system type
ABAP
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33676] Missing authorization check in SAP CRM ABAP

 

Related note
3044754
CVSS
6.5

Affected system type
ABAP
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33677] Information Disclosure in SAP NetWeaver AS ABAP and ABAP Platform

 

Related note
3048657
CVSS
6.5

Affected system type
ABAP
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33678] Code Injection vulnerability in SAP NetWeaver AS ABAP (Reconciliation Framework)

 

Related note
3000663
CVSS
5.4

Affected system type
Kernel
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33683] HTTP Request Smuggling in SAP Web Dispatcher and Internet Communication Manager

 

Related note
3053403
CVSS
5.4

Affected system type
SAP Lumira Server
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33682] Cross-Site Scripting (XSS) vulnerability in SAP Lumira Server

 

Related note
3059764
CVSS
4.5

Affected system type
Java
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33687] Information Disclosure in SAP NetWeaver AS for Java (Enterprise Portal)

 

Related note
3067890
CVSS
4.3

Affected system type
SAP 3D Visual Enterprise
Patchday
2021-07
Released on
2021/07/13

Description
[Multiple CVEs] Improper Input Validation in SAP 3D Visual Enterprise Viewer

 

Related note
3044751
CVSS
4.3

Affected system type
BI/BO platform
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33667] Information Disclosure in SAP Business Objects Web Intelligence (BI Launchpad)

 

Related note
3038594
CVSS
3.5

Affected system type
Java
Patchday
2021-07
Released on
2021/07/13

Description
[CVE-2021-33689] Insufficient Logging in SAP NetWeaver AS for JAVA (Administrator)

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation
strategies essential for preventing the disruption of vital business systems.
We help businesses in making their SAP systems more secure.

Company

© Copyright 2021 by SecurityBridge // NCMI GmbH