-
-
Notifications
[Action required] SAP Security Patch Day - October 2024
SAP Patches released on SAP Security Patch Day - October 10 2024 2024/10/08 | Advisory |Stable version 6.30
A new Stable version 6.30.1 now available for download and installation – You are welcome to try it out! 2024/10/03 | Release notes |[Action required] SAP Security Patch Day - September 2024
SAP Patches released on SAP Security Patch Day - September 10 2024 2024/09/10 | Advisory |[Action required] SAP Security Patch Day - August 2024
SAP Patches released on SAP Security Patch Day - August 13 2024 2024/08/13 | Advisory |[Action required] SAP Security Patch Day - July 2024
SAP Patches released on SAP Security Patch Day - July 09 2024 2024/07/09 | Advisory |[Action required] SAP Security Patch Day - June 2024
SAP Patches released on SAP Security Patch Day - June 11 2024 2024/06/11 | Advisory |[Action required] SAP Security Patch Day - May 2024
SAP Patches released on SAP Security Patch Day - May 14 2024 2024/05/14 | Advisory |[Action required] SAP Security Patch Day - April 2024
SAP Patches released on SAP Security Patch Day - April 9 2024 2024/04/09 | Advisory |[Action required] SAP Security Patch Day - March 2024
SAP Patches released on SAP Security Patch Day - March 12 2024 2024/03/12 | Advisory |[Action required] SAP Security Patch Day - February 2024
SAP Patches released on SAP Security Patch Day - February 13 2024 2024/02/13 | Advisory |[Action required] SAP Security Patch Day - January 2024
SAP Patches released on SAP Security Patch Day - January 9 2024 2024/01/09 | Advisory |[Action required] SAP Security Patch Day - December 2023
SAP Patches released on SAP Security Patch Day - December 12 2023 2023/12/12 | Advisory |[Action required] SAP Security Patch Day - November 2023
SAP Patches release on SAP Security Patch Day of November on 14th 2023 2023/11/14 | Advisory |[Action required] SAP Security Patch Day - October 2023
SAP Patches release on SAP Security Patch Day of October on 10th 2023 2023/10/10 | Advisory |[Action required] SAP Security Patch Day - September 2023
SAP Patches release on SAP Security Patch Day of September on 12th 2023 2023/09/12 | Advisory |[Action required] SAP Security Patch Day - August 2023
SAP Patches release on SAP Security Patch Day of August on 8th 2023 2023/08/08 | Advisory |[Action required] SAP Security Patch Day - July 2023
SAP Patches release on SAP Security Patch Day of July on 11th 2023 2023/07/11 | Advisory |[Action required] SAP Security Patch Day - June 2023
SAP Patches release on SAP Security Patch Day of June on 13th 2023 2023/06/13 | Advisory |[Action required] SAP Security Patch Day - May 2023
SAP Patches release on SAP Security Patch Day of May on 9th 2023 2023/05/09 | Advisory |[Action required] SAP Security Patch Day - April 2023
SAP Patches release on SAP Security Patch Day of April on 11th 2023 2023/04/11 | Advisory |[Action required] SAP Security Patch Day - March 2023
SAP Patches release on SAP Security Patch Day of March on 14th 2023 2023/03/14 | Advisory |[Action required] SAP Security Patch Day - February 2023
SAP Patches release on SAP Security Patch Day of February on 14th 2023 2023/02/14 | Advisory |[Action required] SAP Security Patch Day - January 2023
HotNews Patches release on SAP Security Patch Day of January on 10th 2023 2023/01/10 | Advisory |[Action required] SAP Security Patch Day - December 2022
SAP Security Patch Day of December the 13th 2022 has been provided. 2022/12/13 | Advisory |[Action required] SAP Security Patch Day - September 2022
[Action required] SAP Security Patch Day of September the 13th has been provided 2022/09/13 | Advisory |[Solution available] App not loading
SAP has removed CDN library version used by SecurityBridge App, caused white screen. 2022/08/11 | News |[Action required] SAP Security Patch Day - August 2022
[Action required] SAP Security Patch Day of August the 7th has been provided 2022/07/14 | Advisory |[Action required] SAP Security Patch Day - July 2022
[Action required] SAP Security Patch Day of July the 5th has been provided 2022/07/14 | Advisory |Security Advisory for April 2022
Today we have released the Security Advisories for SAP and the month of April 2022 2022/03/07 | Advisory |Security Advisory for February 2022
Today we have released the Security Advisories for SAP and the month of February 2022 2022/02/18 | Advisory |Security Advisory for March 2022
Today we have released the Security Advisories for SAP and the month of March 2022 2022/03/07 | Advisory |Security Advisory for January 2022
Today we have released the Security Advisories for SAP and the month of January 2022 2022/01/07 | Advisory |Security Advisory for December 2021
Today we have released the Security Advisories for SAP and the month of December 2021 2021/12/27 | Advisory |GUIDANCE FOR PREVENTING, DETECTING, AND HUNTING FOR CVE-2021-44228 LOG4J 2 EXPLOITATION IN SAP SYSTEMS
Apache Log4j2 2.14.1 and below are susceptible to a remote code execution (RCE) vulnerability. 2021/12/01 | News |Security Advisory for October 2021
Today we have released the Security Advisories for SAP and the month of October 2021 2021/10/03 | Advisory |Security Advisory for September 2021
Today we have released the Security Advisories for SAP and the month of September 2021 2021/09/27 | Advisory |Security Advisory for July 2021
Today we have released the Security Advisories for SAP and the month of July 2021 2021/08/09 | Advisory |Security Advisory for June 2021
Today we have released the Security Advisories for SAP and the month of June 2021 2021/08/09 | Advisory |Security Advisory for May 2021
Today we have released the Security Advisories for SAP and the month of May 2021 2021/04/07 | Advisory |Security Advisory for April 2021
Today we have released the Security Advisories for SAP and the month of April 2021 2021/04/07 | Advisory |Security Advisory for February 2021
Today we have released the Security Advisories for SAP and the month of February 2021 2021/02/04 | Advisory |Security Advisory for January 2021
Today we have released the Security Advisories for SAP and the month of January 2021 2021/02/04 | Advisory |Security Advisory for December 2020
Today we have released the Security Advisories for the month of December 2020 2021/01/13 | Advisory |Security Advisory for November 2020
Today we have released the Security Advisories for the month of November 2020 2020/11/24 | Advisory |Start your journey on the road to securing SAP
A new whitepaper has been published describing the important milestones and steps on your road to secure SAP. 2020/11/24 | Advisory |
[Action required] SAP Security Patch Day - May 2023
Advisory
The SAP Security Patch Day of May 2023 included patches for various SAP components while SAP BusinessObjects is a focus area. The May release addressing vulnerabilities ranging from information disclosure and cross-site scripting (XSS) to privilege escalation and denial of service (DoS) attacks.
One of the vulnerabilities addressed was a high priority issue with a CVSS score of 9.8 in the Reprise License Manager 14.2 component used with SAP 3D Visual Enterprise License Manager. This vulnerability could allow an attacker to execute arbitrary code and potentially take control of affected systems.
Another high priority vulnerability with a CVSS score of 8.2 was found in the SAP AS NetWeaver JAVA component, where improper access control during application start-up could enable an attacker to gain unauthorized access to sensitive data.
In addition, several medium and low priority vulnerabilities were also addressed, including XSS vulnerabilities in SAP CRM WebClient UI and BusinessObjects Business Intelligence platform, as well as an information disclosure vulnerability in SAP GUI for Windows.
Customers who use these affected components are strongly advised to apply the necessary patches as soon as possible to protect their systems from potential attacks. It is also recommended to keep systems up to date with the latest security patches to minimize the risk of future vulnerabilities.
As a response, the SecurityBridge Team has taken immediate action by updating the cloud backbone with the latest security patches. If you are a SecurityBridge customer, it is highly recommended that you initiate the validation process to determine which patches are most relevant to your environment.
The team at SecurityBridge recognizes that the security of your environment is of utmost importance, and as such, the validation process has been streamlined to ensure maximum efficiency. We understand that each customer's environment is unique, and that is why our validation process is tailored to provide you with the necessary guidance to select the most relevant patches for your system.
In summary, we urge all SecurityBridge customers to begin the download and validation process as soon as possible to ensure the highest level of security for their environment.
Please visit https://securitybridge.com/sap-patchday/ to find an overview of all articles that we have create about recent SAP Security Patch Days. Furthermore you can find the specific May 2023 article via this direct link: https://securitybridge.com/sap-patchday/sap-security-patch-day-may-2023/.
Updates from previous releases
3117978 |
[CVE-2023-29111] Information Disclosure vulnerability in SAP Application Interface Framework (ODATA service) |
2622660 |
Security updates for the browser control Google Chromium delivered with SAP Business Client |