Security Advisories  

We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Hey there! Glad you made it.
We have found 13 security advices for you to review.

 

 Severity
SAP© Security advisories 13
 System Types
Affected SAP© system types

 

Related note
3312733
CVSS
6.8

Affected system type
Java
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-26458] Information Disclosure vulnerability in SAP Landscape Management

Security Advisory

 

Related note
3311624
CVSS
6.7

Affected system type
SAP GUI / Frontend
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-29187] DLL Hijacking vulnerability in SapSetup (Software Installation Program)

Security Advisory

 

Related note
3289994
CVSS
6.5

Affected system type
Java
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-28761] Missing Authentication check in SAP NetWeaver Enterprise Portal

Security Advisory

 

Related note
3296378
CVSS
6.5

Affected system type
ABAP
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-28763] - Denial of Service in SAP NetWeaver AS for ABAP and ABAP Platform

Security Advisory

 

Related note
3275458
CVSS
6.1

Affected system type
Kernel
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-27499] Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML

Security Advisory

 

Related note
3309056
CVSS
6.0

Affected system type
ABAP
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-27897] Code Injection vulnerability in SAP CRM

Security Advisory

 

Related note
3269352
CVSS
5.4

Affected system type
ABAP
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-29189] HTTP Verb Tampering vulnerability in SAP CRM (WebClient UI)

Security Advisory

 

Related note
3303060
CVSS
5.3

Affected system type
ABAP
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-29185] Denial of Service (DOS) in SAP NetWeaver AS for ABAP (Business Server Pages)

Security Advisory

 

Related note
3287784
CVSS
5.3

Affected system type
Java
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-24527] Improper Access Control in SAP NetWeaver AS Java for Deploy Service

Security Advisory

 

Related note
3315312
CVSS
5.0

Affected system type
Kernel
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-29108] IP filter vulnerability in ABAP Platform and SAP Web Dispatcher

Security Advisory

 

Related note
3316509
CVSS
4.7

Affected system type
SAP Commerce
Patchday
2023-04
Released on
2023/04/11

Description
Remote Code Execution vulnerability in SAP Commerce

Security Advisory

 

Related note
3115598
CVSS
4.4

Affected system type
ABAP
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-29109] Code Injection vulnerability in SAP Application Interface Framework (Message Dashboard)

Security Advisory

 

Related note
3301457
CVSS
4.3

Affected system type
ABAP
Patchday
2023-04
Released on
2023/04/11

Description
[CVE-2023-1903] Missing Authorization check in SAP HCM Fiori App My Forms (Fiori 2.0)

Security Advisory

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge
Platform
Product

© Copyright 2023 by SecurityBridge GmbH

v28.2