We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Hey there! Glad you made it.
We have found 15 security advices for you to review.
Severity
SAP© Security advisories 15
System Types
Affected SAP© system types
3331376
CVSS
8.7
Affected system type
ABAP
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-33989] Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON)
3233899
CVSS
8.6
Affected system type
Kernel
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-33987] Request smuggling and request concatenation vulnerability in SAP Web Dispatcher
3331029
CVSS
7.8
Affected system type
Sybase platform
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-33990] Denial of service (DOS) vulnerability in SAP SQL Anywhere
3340735
CVSS
7.7
Affected system type
Kernel
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-35871] Memory Corruption vulnerability in SAP Web Dispatcher
3348145
CVSS
7.2
Affected system type
Java
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-36921] Header Injection in SAP Solution Manager (Diagnostic Agent)
3352058
CVSS
7.2
Affected system type
Java
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-36925] Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent)
3343547
CVSS
6.5
Affected system type
Java
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-35873] Missing Authentication check in SAP NetWeaver Process Integration (Runtime Workbench)
3343564
CVSS
6.5
Affected system type
Java
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-35872] Missing Authentication check in SAP NetWeaver Process Integration (Message Display Tool)
3341211
CVSS
6.3
Affected system type
ABAP
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-35870] Improper Access Control in SAP S/4HANA (Manage Journal Entry Template)
3326769
CVSS
6.1
Affected system type
SAP Enable Now
Patchday
2023-07
Released on
2023/07/11
Description
[Multiple CVEs] Multiple Vulnerabilities in SAP Enable Now
3318850
CVSS
6.0
Affected system type
Kernel
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-35874] Improper authentication vulnerability in SAP NetWeaver AS ABAP and ABAP Platform
3320702
CVSS
5.9
Affected system type
BI/BO platform
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-36917] Password Change rate limit bypass in SAP BusinessObjects Business Intelligence Platform
3324732
CVSS
5.3
Affected system type
Java
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-31405] Log Injection vulnerability in SAP NetWeaver AS for Java (Log Viewer)
3351410
CVSS
4.9
Affected system type
ABAP
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-36924] Log Injection vulnerability in SAP ERP Defense Forces and Public Security
3088078
CVSS
4.5
Affected system type
BI/BO platform
Patchday
2023-07
Released on
2023/07/11
Description
[CVE-2023-33992] Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA