We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Yikes, there is work to do!
This time we found critical correction advisiories. We count 10 and the highest
CVSS
score is 9.9.
Severity
SAP© Security advisories 10
System Types
Affected SAP© system types
3243924
CVSS
9.9
Affected system type
BI/BO platform
Exploit available
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41203] Insecure Deserialization of Untrusted Data in SAP BusinessObjects Business Intelligence Platform (Central Management Console and BI Launchpad)
3256571
CVSS
8.7
Affected system type
ABAP
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41214] Multiple vulnerabilities in SAP NetWeaver Application Server ABAP and ABAP Platform
3249990
CVSS
7.5
Affected system type
SAP UI5
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2021-20223] Multiple Vulnerabilities in SQlite bundled with SAPUI5
3263436
CVSS
7.0
Affected system type
SAP 3D Visual Enterprise
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41211] Arbitrary Code Execution vulnerability in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer
3260708
CVSS
6.5
Affected system type
SAP Financial Consolidation
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41258] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Financial Consolidation
3229987
CVSS
6.5
Affected system type
Sybase platform
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41259] Denial of service (DOS) in SAP SQL Anywhere
3218159
CVSS
6.1
Affected system type
SAP UI5 SAP Fiori
Patchday
2022-11
Released on
2022/11/08
Description
Insufficient Session Expiration in Central Fiori Launchpad
3238042
CVSS
6.1
Affected system type
Java
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41207] URL Redirection vulnerability in SAP Biller Direct
3237251
CVSS
5.5
Affected system type
SAP GUI / Frontend
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41205] Code injection vulnerability in SAP GUI for Windows
3251202
CVSS
4.7
Affected system type
ABAP
Patchday
2022-11
Released on
2022/11/08
Description
[CVE-2022-41215] URL Redirection vulnerability in SAP NetWeaver ABAP Server and ABAP Platform