Security Advisories  

We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Yikes, there is work to do!
This time we found critical correction advisiories. We count 8 and the highest CVSS score is 9.6.

 

 Severity
SAP© Security advisories 8
 System Types
Affected SAP© system types

 

Related note
3099776
CVSS
9.6

Affected system type
Kernel
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40501] Missing Authorization check in ABAP Platform Kernel

 

Related note
3110328
CVSS
8.3

Affected system type
SAP Commerce
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40502] Missing Authorization check in SAP Commerce

 

Related note
2827086
CVSS
7.9

Affected system type
SAP FRP
Patchday
2021-11
Released on
2021/11/09

Description
Several security vulnerabilities in FRP 5.4.0 and FR Engine 5.4.0

 

Related note
3080106
CVSS
6.8

Affected system type
SAP GUI / Frontend
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40503] Information Disclosure in SAP GUI for Windows

 

Related note
3104456
CVSS
6.5

Affected system type
ABAP
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-42062] Missing Authorization check in SAP ERP HCM

 

Related note
2607126
CVSS
6.3

Affected system type
Java
Patchday
2021-11
Released on
2021/11/09

Description
Cross-Site Request Forgery vulnerability in Enterprise Services Repository of SAP Process Integration

 

Related note
3105728
CVSS
4.9

Affected system type
ABAP
Patchday
2021-11
Released on
2021/11/09

Description
[CVE-2021-40504] Leverage of Permission in SAP NetWeaver Application Server for ABAP and ABAP Platform

 

Related note
3106859
CVSS
4.3

Affected system type
ABAP
Patchday
2021-11
Released on
2021/11/09

Description
URL Redirection vulnerability in Offer Management

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation
strategies essential for preventing the disruption of vital business systems.
We help businesses in making their SAP systems more secure.

Company

© Copyright 2021 by SecurityBridge // NCMI GmbH