Security Advisory for April 2021 
Advisory

Today we have released the Security Advisories for SAP and the month of April 2021

 

In the month of April 2021, we would like to bring 19 security advisories to your attention.

Taking control of the SAP patch management process for the vast product portfolio offered by SAP SE is essential to maintain a steady security posture. We have reviewed the security patches released (and updated) in April 2021 and found corrections that eliminate the following attack vectors:

  • "Clickjacking"
  • "Code Injection"
  • "Content spoofing"
  • "Cross-site request forgery (XSRF)"
  • "Cross-site scripting (XSS)"
  • "Denial of Service (DoS)"
  • "External entity tunneling (XXE)"
  • "Information disclosure"
  • "Insecure installation defaults"
  • "Missing authorization check"

Patches released by the manufacture contain solutions for the components

  • "BC-CST-DP"
  • "BC-FES-INS"
  • "BC-JAS-ADM-ADM"
  • "BC-JAS-COR"
  • "BC-JAS-WEB"
  • "BC-SRV-PMI"
  • "BC-XI-IBD-MAP"
  • "BC-XI-IBF-COR"
  • "BC-XI-IS-WKB"
  • "BI-BIP-CMC"
  • "CA-VE-VEV"
  • "CEC-COM-CPS-CKP"
  • "EP-PDK-HBJ"
  • "FI-TV-ODT-MTE"
  • "FIN-FSCM-PF"
  • "MDM-FN-MDS-SEC"
  • "MFG-ME-API"
  • "SV-FRN-APP-SDD"
  • "SV-SMG-INS-CFG"

View all advisories of April 2021.

  • Share with:
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation
strategies essential for preventing the disruption of vital business systems.
We help businesses in making their SAP systems more secure.

Company

© Copyright 2021 by SecurityBridge // NCMI GmbH