Security Advisories  

We've created the first of its kind, SecurityBridge Cloud Platform to prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. Our security advisories enable SAP users to understand the security and business implications of running SAP.

The user interface, is designed to be as intuitive as possible but we'd love to hear your feedback and opinions.
We hope you like it!
× Hey there! Glad you made it.
We have found 10 security advices for you to review.

 

 Severity
SAP© Security advisories 10
 System Types
Affected SAP© system types

 

Related note
3421384
CVSS
7.7

Affected system type
BI/BO platform
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-25646] Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence

Security Advisory

 

Related note
3425188
CVSS
5.3

Affected system type
Java
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-27898] Server-Side Request Forgery in SAP NetWeaver (tc~esi~esp~grmg~wshealthcheck~ear)

Security Advisory

 

Related note
3430173
CVSS
4.3

Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-30217] Missing Authorization check in SAP S/4 HANA (Cash Management)

Security Advisory

 

Related note
3421453
CVSS
4.8

Affected system type
SAP Business Connector
Patchday
2024-04
Released on
2024/04/09

Description
[Multiple CVEs] Cross-Site Scripting (XSS) vulnerabilities in SAP Business Connector

Security Advisory

 

Related note
3438234
CVSS
7.2

Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-27901] Directory Traversal vulnerability in SAP Asset Accounting

Security Advisory

 

Related note
3442741
CVSS
6.8

Affected system type
SAP Edge Integration
Patchday
2024-04
Released on
2024/04/09

Description
Stack overflow vulnerability on the component images of SAP Integration Suite (EDGE INTEGRATION CELL)

Security Advisory

 

Related note
3442378
CVSS
6.5

Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-28167] Missing Authorization check in SAP Group Reporting Data Collection (Enter Package Data)

Security Advisory

 

Related note
3359778
CVSS
6.5

Affected system type
Kernel
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-30218] Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform

Security Advisory

 

Related note
3427178
CVSS
4.3

Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-30216] Missing Authorization check in SAP S/4 HANA (Cash Management)

Security Advisory

 

Related note
3434839
CVSS
8.8

Affected system type
Java
Patchday
2024-04
Released on
2024/04/09

Description
[CVE-2024-27899] Security misconfiguration vulnerability in SAP NetWeaver AS Java User Management Engine

Security Advisory

 

 
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge
Platform
Product

© Copyright 2024 by SecurityBridge GmbH

v34.3