We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Yikes, there is work to do!
This time we found critical correction advisiories. We count 11 and the highest
CVSS
score is 9.9.
Severity
SAP© Security advisories 11
System Types
Affected SAP© system types
3014121
CVSS
9.9
Affected system type
SAP Commerce Cloud
Patchday
2021-02
Released on
2021/02/09
Description
[CVE-2021-21477] Remote Code Execution vulnerability in SAP Commerce
2998173
CVSS
6.3
Affected system type
SAP Netweaver
Patchday
2021-02
Released on
2021/02/09
Description
[CVE-2021-21472] Server password not set during installation of SAP NetWeaver Master Data Management 7.1
2835240
CVSS
5.4
Affected system type
Java
Patchday
2021-02
Released on
2021/02/09
Description
Clickjacking vulnerability in Cloud Integration Content of SAP Process Integration
2990992
CVSS
5.4
Affected system type
ABAP
Patchday
2021-02
Released on
2021/02/09
Description
Missing Authorization Checks in the Monitor Data and My Data Collections Apps
2935791
CVSS
5.4
Affected system type
BI/BO platform
Patchday
2021-02
Released on
2021/02/09
Description
[CVE-2021-21444] Clickjacking vulnerability in SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad)
2973428
CVSS
4.7
Affected system type
Kernel
Patchday
2021-02
Released on
2021/02/09
Description
Reverse Tabnabbing vulnerability within SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML)
2974582
CVSS
4.7
Affected system type
ABAP
Patchday
2021-02
Released on
2021/02/09
Description
[CVE-2021-21478] Reverse Tabnabbing vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Web Dynpro ABAP)
2994289
CVSS
4.1
Affected system type
ABAP
Patchday
2021-02
Released on
2021/02/09
Description
Reverse Tabnabbing vulnerability within SAP CRM WebClient UI
2992154
CVSS
4.1
Affected system type
SAP HANA Platform
Patchday
2021-02
Released on
2021/02/09
Description
[CVE-2021-21474] SAML Assertion Signature MD5 Digest Algorithm Vulnerability in SAP HANA Database
3000897
CVSS
4.0
Affected system type
Java
Patchday
2021-02
Released on
2021/02/09
Description
[CVE-2021-21475] Directory Traversal vulnerability in SAP NetWeaver Master Data Management 7.1
2818963
CVSS
0.0
Affected system type
Java
Patchday
2021-02
Released on
2021/02/09
Description
Clickjacking vulnerability in Adapter Runtime of SAP Process Integration