-
-
Notifications
View All[Action required] SAP Security Patch Day - September
[action required] sap security patch day of september the 13th has been provided 2022/09/13 | Advisory |[Solution available] App not loading
Sap has removed cdn library version used by securitybridge app, caused white screen. 2022/08/11 | News |[Action required] SAP Security Patch Day - August
[action required] sap security patch day of august the 7th has been provided 2022/07/14 | Advisory |[Action required] SAP Security Patch Day - July
[action required] sap security patch day of july the 5th has been provided 2022/07/14 | Advisory |Security Advisory for April 2022
Today we have released the security advisories for sap and the month of april 2022 2022/03/07 | Advisory |Security Advisory for February 2022
Today we have released the security advisories for sap and the month of february 2022 2022/02/18 | Advisory |Security Advisory for March 2022
Today we have released the security advisories for sap and the month of march 2022 2022/03/07 | Advisory |Security Advisory for January 2022
Today we have released the security advisories for sap and the month of january 2022 2022/01/07 | Advisory |Security Advisory for December 2021
Today we have released the security advisories for sap and the month of december 2021 2021/12/27 | Advisory |GUIDANCE FOR PREVENTING, DETECTING, AND HUNTING FOR CVE-2021-44228 LOG4J 2 EXPLOITATION IN SAP SYSTEMS
Apache log4j2 2.14.1 and below are susceptible to a remote code execution (rce) vulnerability. 2021/12/01 | News |Security Advisory for October 2021
Today we have released the security advisories for sap and the month of october 2021 2021/10/03 | Advisory |Security Advisory for September 2021
Today we have released the security advisories for sap and the month of september 2021 2021/09/27 | Advisory |Security Advisory for July 2021
Today we have released the security advisories for sap and the month of july 2021 2021/08/09 | Advisory |Security Advisory for June 2021
Today we have released the security advisories for sap and the month of june 2021 2021/08/09 | Advisory |Security Advisory for May 2021
Today we have released the security advisories for sap and the month of may 2021 2021/04/07 | Advisory |Security Advisory for April 2021
Today we have released the security advisories for sap and the month of april 2021 2021/04/07 | Advisory |Security Advisory for February 2021
Today we have released the security advisories for sap and the month of february 2021 2021/02/04 | Advisory |Security Advisory for January 2021
Today we have released the security advisories for sap and the month of january 2021 2021/02/04 | Advisory |Security Advisory for December 2020
Today we have released the security advisories for the month of december 2020 2021/01/13 | Advisory |Security Advisory for November 2020
Today we have released the security advisories for the month of november 2020 2020/11/24 | Advisory |Start your journey on the road to securing SAP
A new whitepaper has been published describing the important milestones and steps on your road to secure sap. 2020/11/24 | Advisory |
Security Advisory for October 2021
Advisory
Taking control of the SAP patch management process for the vast product portfolio offered by SAP SE is essential to maintain a steady security posture. We have reviewed the security patches released (and updated) in October 2021 and found corrections that eliminate the following attack vectors:
- "Code injection"
- "Command Injection"
- "Cross-site request forgery (XSRF)"
- "Cross-site scripting (XSS)"
- "Denial of Service (DoS)"
- "External entity tunneling (XXE)"
- "Information disclosure"
- "Missing authorization check"
- "Missing logging functionality"
Patches released by the manufacture contain solutions for the components
- "BC-ABA-LA"
- "BC-CCM-PRN"
- "BC-CST-IC"
- "BC-CTS-ORG"
- "BC-CTS-TMS"
- "BC-DWB-SEM"
- "BC-MID-ICF-LGN"
- "BI-RA-AWB"
- "BI-RA-CR-DB"
- "CA-UI5-COR"
- "CO-FIO-OM-PL"
- "LOD-SF-FWK"
- "SBO-CRO-SEC"
- "SCM-BAS-INT-EXT"
- "XAP-EM"
View all advisories of October 2021.