Security Advisories  

We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Yikes, there is work to do!
This time we found critical correction advisiories. We count 10 and the highest CVSS score is 9.9.

 

 Severity
SAP© Security advisories 10
 System Types
Affected SAP© system types

 

Related note
3243924
CVSS
9.9

Affected system type
BI/BO platform
Exploit available
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41203] Insecure Deserialization of Untrusted Data in SAP BusinessObjects Business Intelligence Platform (Central Management Console and BI Launchpad)

 

Related note
3249990
CVSS
9.8

Affected system type
ABAP, Java
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2021-20223] Multiple Vulnerabilities in SQlite bundled with SAPUI5

 

Related note
3256571
CVSS
8.7

Affected system type
ABAP
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41214] Multiple vulnerabilities in SAP NetWeaver Application Server ABAP and ABAP Platform

 

Related note
3263436
CVSS
7.0

Affected system type
SAP 3D Visual Enterprise
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41211] Arbitrary Code Execution vulnerability in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer

 

Related note
3229987
CVSS
6.5

Affected system type
Sybase platform
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41259] Denial of service (DOS) in SAP SQL Anywhere

 

Related note
3260708
CVSS
6.5

Affected system type
SAP Financial Consolidation
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41258] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Financial Consolidation

 

Related note
3238042
CVSS
6.1

Affected system type
Java
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41207] URL Redirection vulnerability in SAP Biller Direct

 

Related note
3218159
CVSS
6.1

Affected system type
SAP UI5SAP Fiori
Patchday
2022-11
Released on
2022/11/08

Description
Insufficient Session Expiration in Central Fiori Launchpad

 

Related note
3237251
CVSS
5.5

Affected system type
SAP GUI
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41205] Code injection vulnerability in SAP GUI for Windows

 

Related note
3251202
CVSS
4.7

Affected system type
ABAP
Patchday
2022-11
Released on
2022/11/08

Description
[CVE-2022-41215] URL Redirection vulnerability in SAP NetWeaver ABAP Server and ABAP Platform

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge

© Copyright 2023 by SecurityBridge // NCMI GmbH