SAP© Security Advisories - 07 2023 - Severity High

We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.
We hope you enjoy using it!

× Hey there! Glad you made it.
We have found 6 security advices for you to review.

Severity

SAP© Security advisories 6

System Types

Affected SAP© system types

_{Related note}
3352058

_CVSS
7.2

_{Affected system
type}
Java

_Patchday
2023-07

_{Released
on}
2023/07/11

Description
[CVE-2023-36925] Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent)

Security Advisory

_{Related note}
3348145

_CVSS
7.2

_{Affected system
type}
Java

_Patchday
2023-07

_{Released
on}
2023/07/11

Description
[CVE-2023-36921] Header Injection in SAP Solution Manager (Diagnostic Agent)

Security Advisory

_{Related note}
3331029

_CVSS
7.8

_{Affected system
type}
Sybase platform

_Patchday
2023-07

_{Released
on}
2023/07/11

Description
[CVE-2023-33990] Denial of service (DOS) vulnerability in SAP SQL Anywhere

Security Advisory

_{Related note}
3233899

_CVSS
8.6

_{Affected system
type}
Kernel

_Patchday
2023-07

_{Released
on}
2023/07/11

Description
[CVE-2023-33987] Request smuggling and request concatenation vulnerability in SAP Web Dispatcher

Security Advisory

_{Related note}
3340735

_CVSS
7.7

_{Affected system
type}
Kernel

_Patchday
2023-07

_{Released
on}
2023/07/11

Description
[CVE-2023-35871] Memory Corruption vulnerability in SAP Web Dispatcher

Security Advisory

_{Related note}
3331376

_CVSS
8.7

_{Affected system
type}
ABAP

_Patchday
2023-07

_{Released
on}
2023/07/11

Description
[CVE-2023-33989] Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON)

Security Advisory

Notifications

Severity

SAP© Security advisories 6

System Types

Affected SAP© system types

Related note 3352058

CVSS 7.2

Affected system type Java

Patchday2023-07

Released on2023/07/11

Related note 3348145

CVSS 7.2

Affected system type Java

Patchday2023-07

Released on2023/07/11

Related note 3331029

CVSS 7.8

Affected system type Sybase platform

Patchday2023-07

Released on2023/07/11

Related note 3233899

CVSS 8.6

Affected system type Kernel

Patchday2023-07

Released on2023/07/11

Related note 3340735

CVSS 7.7

Affected system type Kernel

Patchday2023-07

Released on2023/07/11

Related note 3331376

CVSS 8.7

Affected system type ABAP

Patchday2023-07

Released on2023/07/11

_{Related note}
3352058

_CVSS
7.2

_{Affected system
type}
Java

_Patchday
2023-07

_{Released
on}
2023/07/11

_{Related note}
3348145

_CVSS
7.2

_{Affected system
type}
Java

_Patchday
2023-07

_{Released
on}
2023/07/11

_{Related note}
3331029

_CVSS
7.8

_{Affected system
type}
Sybase platform

_Patchday
2023-07

_{Released
on}
2023/07/11

_{Related note}
3233899

_CVSS
8.6

_{Affected system
type}
Kernel

_Patchday
2023-07

_{Released
on}
2023/07/11

_{Related note}
3340735

_CVSS
7.7

_{Affected system
type}
Kernel

_Patchday
2023-07

_{Released
on}
2023/07/11

_{Related note}
3331376

_CVSS
8.7

_{Affected system
type}
ABAP

_Patchday
2023-07

_{Released
on}
2023/07/11