We've created the first-of-its-kind SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.

We have found 14 security advisories for you to review.

 

3158375
CVSS: 8.6
Affected system type: SAProuter
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-27668] Improper Access Control of SAProuter for SAP NetWeaver and ABAP Platform

3147498
CVSS: 8.2
Affected system type: Java
Patchday: 2022-06
Released on: 2022/06/14
Description: Improper Access Control check in SAP NetWeaver basicadmin and adminadapter services

3197005
CVSS: 7.8
Affected system type: SAP PowerDesigner
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-31590] Potential privilege escalation in SAP PowerDesigner Proxy 16.7

3206271
CVSS: 6.5
Affected system type: SAP 3D Visual Enterprise
Patchday: 2022-06
Released on: 2022/06/14
Description: [Multiple CVEs] Improper Input Validation in SAP 3D Visual Enterprise Viewer

3134161
CVSS: 6.5
Affected system type: ABAP
Patchday: 2022-06
Released on: 2022/06/14
Description: Missing Authorization check in SAP ERP HCM

3197927
CVSS: 6.1
Affected system type: SAP...
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-29618] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Development Infrastructure (Design Time Repository)

3203065
CVSS: 5.0
Affected system type: ABAP
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-31589] Segregation of Duty vulnerability in IL FI-AP File from SHAAM program.

3158815
CVSS: 5.0
Affected system type: SAP Financial Consolidation
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-31595] Privilege escalation vulnerability in SAP Financial Consolidation

3194674
CVSS: 5.0
Affected system type: ABAP, SAP Host Agent
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-29612] Server-Side Request Forgery in SAP NetWeaver, ABAP Platform and SAP Host Agent

3158619
CVSS: 4.9
Affected system type: ABAP, Java, HANA platform
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-29614] Privilege Escalation in SAP startservice of SAP NetWeaver AS ABAP, AS Java, ABAP Platform and HANA Database

3190675
CVSS: 3.7
Affected system type: UI5
Patchday: 2022-06
Released on: 2022/06/14
Description: Unsafe use of target blank in SAP Marketing Campaigns

3191812
CVSS: 3.7
Affected system type: UI5
Patchday: 2022-06
Released on: 2022/06/14
Description: Cross-Site Scripting (XSS) vulnerability in SAP Marketing Campaigns App

3202846
CVSS: 3.4
Affected system type: Java
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-29615] Multiple vulnerabilities associated with Apache log4j 1.x component in SAP NetWeaver Developer Studio (NWDS)

3155571
CVSS: 3.2
Affected system type: SAP Adaptive Server...
Patchday: 2022-06
Released on: 2022/06/14
Description: [CVE-2022-31594] Privilege escalation vulnerability in SAP Adaptive Server Enterprise (ASE)