We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Yikes, there is work to do!
This time we found critical correction advisiories. We count 13 and the highest
CVSS
score is 9.0.
Severity
SAP© Security advisories 13
System Types
Affected SAP© system types
3007182
CVSS
9.0
Affected system type
ABAP
Patchday
2021-07
Released on
2021/06/08
Description
[CVE-2021-27610] Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform
3059446
CVSS
7.6
Affected system type
Java
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33671] Missing Authorization check in SAP NetWeaver Guided Procedures
3056652
CVSS
7.5
Affected system type
Java
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33670] Denial of Service (DoS) in SAP NetWeaver AS for Java (Http Service)
3066316
CVSS
6.8
Affected system type
ABAP
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33676] Missing authorization check in SAP CRM ABAP
3044754
CVSS
6.5
Affected system type
ABAP
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33677] Information Disclosure in SAP NetWeaver AS ABAP and ABAP Platform
3048657
CVSS
6.5
Affected system type
ABAP
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33678] Code Injection vulnerability in SAP NetWeaver AS ABAP (Reconciliation Framework)
3053403
CVSS
5.4
Affected system type
SAP Lumira Server
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33682] Cross-Site Scripting (XSS) vulnerability in SAP Lumira Server
3000663
CVSS
5.4
Affected system type
Kernel
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33683] HTTP Request Smuggling in SAP Web Dispatcher and Internet Communication Manager
3032624
CVSS
5.3
Affected system type
Kernel
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33684] Memory Corruption in SAP NetWeaver AS ABAP and ABAP Platform
3059764
CVSS
4.5
Affected system type
Java
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33687] Information Disclosure in SAP NetWeaver AS for Java (Enterprise Portal)
3044751
CVSS
4.3
Affected system type
BI/BO platform
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33667] Information Disclosure in SAP Business Objects Web Intelligence (BI Launchpad)
3067890
CVSS
4.3
Affected system type
SAP 3D Visual Enterprise
Patchday
2021-07
Released on
2021/07/13
Description
[Multiple CVEs] Improper Input Validation in SAP 3D Visual Enterprise Viewer
3038594
CVSS
3.5
Affected system type
Java
Patchday
2021-07
Released on
2021/07/13
Description
[CVE-2021-33689] Insufficient Logging in SAP NetWeaver AS for JAVA (Administrator)