We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.
We hope you enjoy using it!
× Hey there! Glad you made it.
We have found 23 security advices for you to review.

 

 Severity
SAP© Security advisories 23
 System Types
Affected SAP© system types

 

Related note
3221288
CVSS
8.3

Affected system type
BI/BO platform
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35228] Information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console)

 

Related note
3157613
CVSS
7.5

Affected system type
SAP Business One
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-28771] Missing Authentication check in SAP Business One (License service API)

 

Related note
3210779
CVSS
6.1

Affected system type
Java
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35224] Cross-Site Scripting (XSS) vulnerability in SAP Enterprise Portal

 

Related note
3220746
CVSS
3.3

Affected system type
SAP 3D Visual Enterprise
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35171] Improper Input Validation in SAP 3D Visual Enterprise Viewer

 

Related note
3209557
CVSS
6.1

Affected system type
Java
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-32247] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal

 

Related note
3213826
CVSS
5.4

Affected system type
ABAP
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-31597] Missing Authorization check in SAP S/4HANA(business partner extension for Spain/Slovakia)

 

Related note
3213279
CVSS
5.4

Affected system type
BI/BO platform
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-31598] Cross-Site Scripting (XSS) vulnerability in SAP Business Objects

 

Related note
3212997
CVSS
7.6

Affected system type
SAP Business One
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-32249] Information Disclosure vulnerability in SAP Business One

 

Related note
3191012
CVSS
7.4

Affected system type
SAP Business One
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-31593] Code Injection vulnerability in SAP Business One

 

Related note
3150463
CVSS
4.9

Affected system type
ABAP
Patchday
2022-07
Released on
2022/07/12

Description
Information Disclosure vulnerability in ABAP Platform

 

Related note
3203079
CVSS
5.4

Affected system type
BI/BO platform
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-32246] SQL Injection vulnerability in SAP BusinessObjects Business Intelligence Platform (Visual Difference Application)

 

Related note
3208819
CVSS
6.1

Affected system type
Java
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35170] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal

 

Related note
3194361
CVSS
6.0

Affected system type
BI/BO platform
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35169] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (LCM)

 

Related note
3167430
CVSS
5.6

Affected system type
BI/BO platform
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-31591] Privilege Escalation vulnerability in SAP BusinessObjects (BW Publisher Service)

 

Related note
3211203
CVSS
4.3

Affected system type
SAP Business One
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35168] Denial of Service vulnerability in SAP Business One

 

Related note
3216161
CVSS
4.3

Affected system type
ABAP
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-32248] Missing Input Validation in Manage Checkbooks component of SAP S/4HANA

 

Related note
2726124
CVSS
6.3

Affected system type
ABAP
Patchday
2022-07
Released on
2022/06/28

Description
Missing Authorization Check in multiple components under SAP Automotive Solutions

 

Related note
3169239
CVSS
6.5

Affected system type
BI/BO platform
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-29619] Information Disclosure to user Administrator in SAP BusinessObjects Business Intelligence Platform 4.x

 

Related note
3211760
CVSS
6.1

Affected system type
Java
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35227] Cross-Site Scripting (XSS) vulnerability in SAP NW EP WPC

 

Related note
3196280
CVSS
4.3

Affected system type
ABAP
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-31592] Missing Authorization check in EA-DFPS

 

Related note
3207902
CVSS
6.1

Affected system type
Java
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35172] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal

 

Related note
3208880
CVSS
6.1

Affected system type
Java
Patchday
2022-07
Released on
2022/07/12

Description
[CVE-2022-35225] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal

 

Related note
3150454
CVSS
4.9

Affected system type
ABAP
Patchday
2022-07
Released on
2022/07/12

Description
Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge

© Copyright 2024 by SecurityBridge GmbH

v35.0