We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.

Yikes, there is work to do!
This time we found critical correction advisories. We count 8 and the highest CVSS score is 9.6.

 

[Charts: Severity (SAP© Security advisories: 8); System Types (Affected SAP© system types)]


| Advisory | CVSS | Affected system type | Patchday | Released on | Description |
|---|---|---|---|---|---|
| 3099776 | 9.6 | Kernel | 2021-11 | 2021/11/09 | [CVE-2021-40501] Missing Authorization check in ABAP Platform Kernel |
| 3110328 | 8.3 | SAP Commerce | 2021-11 | 2021/11/09 | [CVE-2021-40502] Missing Authorization check in SAP Commerce |
| 2827086 | 7.9 | SAP FRP | 2021-11 | 2021/11/09 | Several security vulnerabilities in FRP 5.4.0 and FR Engine 5.4.0 |
| 3080106 | 6.8 | SAP GUI / Frontend | 2021-11 | 2021/11/09 | [CVE-2021-40503] Information Disclosure in SAP GUI for Windows |
| 3104456 | 6.5 | ABAP | 2021-11 | 2021/11/09 | [CVE-2021-42062] Missing Authorization check in SAP ERP HCM |
| 2607126 | 6.3 | Java | 2021-11 | 2021/11/09 | Cross-Site Request Forgery vulnerability in Enterprise Services Repository of SAP Process Integration |
| 3105728 | 4.9 | ABAP | 2021-11 | 2021/11/09 | [CVE-2021-40504] Leverage of Permission in SAP NetWeaver Application Server for ABAP and ABAP Platform |
| 3106859 | 4.3 | ABAP | 2021-11 | 2021/11/09 | URL Redirection vulnerability in Offer Management |