We've created the first-of-its-kind SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.
We hope you enjoy using it!
We have found 14 security advisories for you to review.

 

SAP© Security advisories 14

 

| Related note | CVSS | Affected system type | Patchday | Released on | Description |
|---|---|---|---|---|---|
| 3466801 | 6.9 | SAP Landscape... | 2024-07 | 2024/07/09 | [CVE-2024-39593] Information Disclosure vulnerability in SAP Landscape Management |
| 3476348 | 4.3 | SAP Enable Now | 2024-07 | 2024/07/09 | [CVE-2024-39596] Missing Authorization check vulnerability in SAP Enable Now |
| 3456952 | 4.7 | ABAP | 2024-07 | 2024/07/09 | [CVE-2024-39599] Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform |
| 3469958 | 5.0 | ABAP | 2024-07 | 2024/07/09 | [CVE-2024-37171] Server-Side Request Forgery (SSRF) in SAP Transportation Management (Collaboration Portal) |
| 3457354 | 5.4 | ABAP | 2024-07 | 2024/07/09 | [CVE-2024-37172] Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management) |
| 3461110 | 5.0 | SAP GUI | 2024-07 | 2024/07/09 | [CVE-2024-39600] Information Disclosure vulnerability in SAP GUI for Windows |
| 3483993 | 5.0 | ABAP | 2024-07 | 2024/07/09 | [CVE-2024-34689] Prerequisite for Security Note 3458789 |
| 3468681 | 6.1 | Java | 2024-07 | 2024/07/09 | [CVE-2024-34685] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Knowledge Management XMLEditor |
| 3467377 | 6.1 | SAP CRM UI | 2024-07 | 2024/07/09 | [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI) |
| 3476340 | 3.3 | SAP Enable Now | 2024-07 | 2024/07/09 | [CVE-2024-34692] Unrestricted File upload vulnerability in SAP Enable Now |
| 3485805 | 5.0 | ABAP | 2024-07 | 2024/07/09 | [CVE-2024-34689] Allowlisting of callback-URLs in SAP Business Workflow (WebFlow Services) |
| 3490515 | 7.2 | SAP Commerce | 2024-07 | 2024/07/09 | [CVE-2024-39597] Improper Authorization Checks on Early Login Composable Storefront B2B sites of SAP Commerce |
| 3458789 | 5.0 | ABAP | 2024-07 | 2024/07/09 | [CVE-2024-34689] Server-Side Request Forgery in SAP Business Workflow (WebFlow Services) |
| 3482217 | 6.1 | ABAP | 2024-07 | 2024/07/09 | [CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation |

 

 

SecurityBridge helps prioritize SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses make their SAP systems more secure.

SecurityBridge

© Copyright 2024 by SecurityBridge GmbH

v35.0