We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Hey there! Glad you made it.
We have found 9 security advices for you to review.
Severity
SAP© Security advisories 9
System Types
Affected SAP© system types
3053066
CVSS
8.7
Affected system type
Java
Patchday
2021-06
Released on
2021/06/08
Description
[CVE-2021-27635] Missing XML Validation in SAP NetWeaver AS for JAVA
3030961
CVSS
6.4
Affected system type
Java
Patchday
2021-06
Released on
2021/06/08
Description
[CVE-2021-27615] Cross-Site Scripting (XSS) vulnerability in SAP Manufacturing Execution
3021050
CVSS
5.9
Affected system type
Internet Graphics Service
Patchday
2021-06
Released on
2021/06/08
Description
[Multiple CVEs] Memory Corruption vulnerability in SAP Internet Graphics Service
3049879
CVSS
5.9
Affected system type
SAP Enable Now
Patchday
2021-06
Released on
2021/06/08
Description
[CVE-2021-27637] Information Disclosure in SAP Enable Now (SAP Workforce Performance Builder - Manager)
3030604
CVSS
5.8
Affected system type
ABAP
Patchday
2021-06
Released on
2021/06/08
Description
[CVE-2021-33663] Plaintext Injection in SAP NetWeaver AS for ABAP
3025604
CVSS
5.4
Affected system type
ABAP
Patchday
2021-06
Released on
2021/06/08
Description
[CVE-2021-33664] Cross-Site Scripting (XSS) vulnerability within SAP NetWeaver AS ABAP (Applications based on Web Dynpro ABAP)
3028370
CVSS
5.4
Affected system type
ABAP
Patchday
2021-06
Released on
2021/06/08
Description
[CVE-2021-33665] Cross-Site Scripting (XSS) vulnerability within SAP NetWeaver AS ABAP (Applications based on SAP GUI for HTML)
2985562
CVSS
4.7
Affected system type
SAP Commerce Cloud
Patchday
2021-06
Released on
2021/06/08
Description
[CVE-2021-33666] Cross-Site Scripting (XSS) in SAP Commerce Cloud
2999590
CVSS
4.3
Affected system type
ABAP
Patchday
2021-06
Released on
2021/05/25
Description
Incomplete authorization checks for import of environmental data