We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.
We hope you enjoy using it!
× Yikes, there is work to do!
This time we found critical correction advisiories. We count 8 and the highest CVSS score is 9.6.

 

 Severity
SAP© Security advisories 8
 System Types
Affected SAP© system types

 

Related note
2827086
CVSS
7.9

Affected system type
SAP FRP
Patchday
2021-11
Released on
2021/11/09

Description
Several security vulnerabilities in FRP 5.4.0 and FR Engine 5.4.0

 

Related note
3099776
CVSS
9.6

Affected system type
Kernel
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40501] Missing Authorization check in ABAP Platform Kernel

 

Related note
3110328
CVSS
8.3

Affected system type
SAP Commerce
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40502] Missing Authorization check in SAP Commerce

 

Related note
3104456
CVSS
6.5

Affected system type
ABAP
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-42062] Missing Authorization check in SAP ERP HCM

 

Related note
3106859
CVSS
4.3

Affected system type
ABAP
Patchday
2021-11
Released on
2021/11/09

Description
URL Redirection vulnerability in Offer Management

 

Related note
2607126
CVSS
6.3

Affected system type
Java
Patchday
2021-11
Released on
2021/11/09

Description
Cross-Site Request Forgery vulnerability in Enterprise Services Repository of SAP Process Integration

 

Related note
3105728
CVSS
4.9

Affected system type
ABAP
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40504] Leverage of Permission in SAP NetWeaver Application Server for ABAP and ABAP Platform

 

Related note
3080106
CVSS
6.8

Affected system type
SAP GUI / Frontend
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40503] Information Disclosure in SAP GUI for Windows

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge

© Copyright 2024 by SecurityBridge GmbH

v35.0