Security Advisories
We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.
We hope you like it!
This time we found critical correction advisiories. We count 8 and the highest CVSS score is 9.6.
Severity
SAP© Security advisories 8
System Types
Affected SAP© system types
Affected system
type
SAP FRP
Patchday
2021-11
Released
on
2021/11/09
Description
Several security vulnerabilities in FRP 5.4.0 and FR Engine 5.4.0
Affected system
type
Kernel
Patchday
2021-11
Released
on
2021/11/09
Description
[CVE-2021-40501] Missing Authorization check in ABAP Platform Kernel
Affected system
type
SAP Commerce
Patchday
2021-11
Released
on
2021/11/09
Description
[CVE-2021-40502] Missing Authorization check in SAP Commerce
Affected system
type
ABAP
Patchday
2021-11
Released
on
2021/11/09
Description
[CVE-2021-42062] Missing Authorization check in SAP ERP HCM
Affected system
type
ABAP
Patchday
2021-11
Released
on
2021/11/09
Description
URL Redirection vulnerability in Offer Management
Affected system
type
Java
Patchday
2021-11
Released
on
2021/11/09
Description
Cross-Site Request Forgery vulnerability in Enterprise Services Repository of SAP Process Integration
Affected system
type
ABAP
Patchday
2021-11
Released
on
2021/11/09
Description
[CVE-2021-40504] Leverage of Permission in SAP NetWeaver Application Server for ABAP and ABAP Platform
Affected system
type
SAP GUI / Frontend
Patchday
2021-11
Released
on
2021/11/09
Description
[CVE-2021-40503] Information Disclosure in SAP GUI for Windows