Security Advisory for December 2020 
Advisory

Today we have released the Security Advisories for the month of December 2020

 


In the month of December 2020 we would like to bring 12 security advisories to your attention. 

Taking control of the patch management process for the vast product portfolio offered by SAP SE is essential to maintain a steady security posture. We have reviewed the security patches released (and updated) in December 2020 and found corrections that eliminate the following attack vectors:

  • "Missing security function"
  • "Missing authorization check"
  • "External entity tunneling (XXE)"
  • "Command Injection"
  • "Missing authentication check"
  • "Cross-Site Scripting (XSS)"
  • "Denial of Service (DoS)"
  • "URL Redirection vulnerability"
  • "Code Injection"

Patches released by the manufacture contain solutions for the components

  • "EPM-DSM-GEN"
  • "FI-CF-INF"
  • "CA-DT-CNV"
  • "BC-JAS-COR-CLS"
  • "BC-NWA-XPI"
  • "HAN-DB-SEC"
  • "BC-ABA-LA"
  • "SV-SMG-MON-EEM"
  • "SV-SMG-DIA-APP-TA"
  • "BW-WHM-DBA-MD"
  • "BC-JAS-SEC"
  • "BI-RA-CR-VW"

View all advisories of December 2020.

  • Share with: