-
-
Notifications
Security Advisory for February 2022
Today we have released the security advisories for sap and the month of february 2022 2022/02/18 | AdvisorySecurity Advisory for March 2022
Today we have released the security advisories for sap and the month of march 2022 2022/03/07 | AdvisorySecurity Advisory for January 2022
Today we have released the security advisories for sap and the month of january 2022 2022/01/07 | AdvisorySecurity Advisory for December 2021
Today we have released the security advisories for sap and the month of december 2021 2021/12/27 | AdvisoryGUIDANCE FOR PREVENTING, DETECTING, AND HUNTING FOR CVE-2021-44228 LOG4J 2 EXPLOITATION IN SAP SYSTEMS
Apache log4j2 2.14.1 and below are susceptible to a remote code execution (rce) vulnerability. 2021/12/01 | News
Security Advisory for March 2022
Advisory
Taking control of the SAP patch management process for the vast product portfolio offered by SAP SE is essential to maintain a steady security posture. We have reviewed the security patches released (and updated) in March 2022 and found corrections that eliminate the following attack vectors:
- "Code injection"
- "Cross-Site Scripting (XSS)"
- "Denial of service (DoS)"
- "Directory traversal (read)"
- "Information disclosure"
- "Missing authentication check Information disclosure"
- "Missing authorization check"
Patches released by the manufacturer contain solutions for the components
- "BC-ABA-SC"
- "BC-INS-TLS"
- "BC-JAS-WEB"
- "BI-BIP-SL-ENG-OLA"
- "CA-FLP-FE-COR"
- "EP-PIN-NAV"
- "EP-PIN-RTM"
- "EPM-BFC-PSI-INS"
- "MOB-SYC-SAP-WM"
- "SV-FRN-APP-RUM"
- "SV-FRN-INF-SDA"
View all SAP security advisories of March 2022.