We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.

× Hey there! Glad you made it.
We have found 23 security advices for you to review.

 

Severity
SAP© Security advisories 23
 System Types
Affected SAP© system types

 

Related note
3221288
CVSS
8.3

Affected system type BI/BO platform
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35228] Information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console)
Security Advisory
Related note
3212997
CVSS
7.6

Affected system type SAP Business One
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-32249] Information Disclosure vulnerability in SAP Business One
Security Advisory
Related note
3157613
CVSS
7.5

Affected system type SAP Business One
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-28771] Missing Authentication check in SAP Business One (License service API)
Security Advisory
Related note
3191012
CVSS
7.4

Affected system type SAP Business One
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-31593] Code Injection vulnerability in SAP Business One
Security Advisory
Related note
3169239
CVSS
6.5

Affected system type BI/BO platform
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-29619] Information Disclosure to user Administrator in SAP BusinessObjects Business Intelligence Platform 4.x
Security Advisory
Related note
2726124
CVSS
6.3

Affected system type ABAP
Patchday 2022-07
Released on 2022/06/28
Description Missing Authorization Check in multiple components under SAP Automotive Solutions
Security Advisory
Related note
3208819
CVSS
6.1

Affected system type Java
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35170] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
Security Advisory
Related note
3210779
CVSS
6.1

Affected system type Java
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35224] Cross-Site Scripting (XSS) vulnerability in SAP Enterprise Portal
Security Advisory
Related note
3209557
CVSS
6.1

Affected system type Java
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-32247] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
Security Advisory
Related note
3211760
CVSS
6.1

Affected system type Java
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35227] Cross-Site Scripting (XSS) vulnerability in SAP NW EP WPC
Security Advisory
Related note
3207902
CVSS
6.1

Affected system type Java
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35172] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
Security Advisory
Related note
3208880
CVSS
6.1

Affected system type Java
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35225] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
Security Advisory
Related note
3194361
CVSS
6.0

Affected system type BI/BO platform
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35169] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (LCM)
Security Advisory
Related note
3167430
CVSS
5.6

Affected system type BI/BO platform
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-31591] Privilege Escalation vulnerability in SAP BusinessObjects (BW Publisher Service)
Security Advisory
Related note
3213279
CVSS
5.4

Affected system type BI/BO platform
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-31598] Cross-Site Scripting (XSS) vulnerability in SAP Business Objects
Security Advisory
Related note
3213826
CVSS
5.4

Affected system type ABAP
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-31597] Missing Authorization check in SAP S/4HANA(business partner extension for Spain/Slovakia)
Security Advisory
Related note
3203079
CVSS
5.4

Affected system type BI/BO platform
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-32246] SQL Injection vulnerability in SAP BusinessObjects Business Intelligence Platform (Visual Difference Application)
Security Advisory
Related note
3150454
CVSS
4.9

Affected system type ABAP
Patchday 2022-07
Released on 2022/07/12
Description Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform
Security Advisory
Related note
3150463
CVSS
4.9

Affected system type ABAP
Patchday 2022-07
Released on 2022/07/12
Description Information Disclosure vulnerability in ABAP Platform
Security Advisory
Related note
3196280
CVSS
4.3

Affected system type ABAP
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-31592] Missing Authorization check in EA-DFPS
Security Advisory
Related note
3216161
CVSS
4.3

Affected system type ABAP
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-32248] Missing Input Validation in Manage Checkbooks component of SAP S/4HANA
Security Advisory
Related note
3211203
CVSS
4.3

Affected system type SAP Business One
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35168] Denial of Service vulnerability in SAP Business One
Security Advisory
Related note
3220746
CVSS
3.3

Affected system type SAP 3D Visual Enterprise
Patchday 2022-07
Released on 2022/07/12
Description [CVE-2022-35171] Improper Input Validation in SAP 3D Visual Enterprise Viewer
Security Advisory