We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Hey there! Glad you made it.
We have found 10 security advices for you to review.
Severity
SAP© Security advisories 10
System Types
Affected SAP© system types
3434839
CVSS
8.8
Affected system type
Java
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-27899] Security misconfiguration vulnerability in SAP NetWeaver AS Java User Management Engine
3421384
CVSS
7.7
Affected system type
BI/BO platform
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-25646] Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence
3438234
CVSS
7.2
Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-27901] Directory Traversal vulnerability in SAP Asset Accounting
3442741
CVSS
6.8
Affected system type
SAP Edge Integration
Patchday
2024-04
Released on
2024/04/09
Description
Stack overflow vulnerability on the component images of SAP Integration Suite (EDGE INTEGRATION CELL)
3442378
CVSS
6.5
Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-28167] Missing Authorization check in SAP Group Reporting Data Collection (Enter Package Data)
3359778
CVSS
6.5
Affected system type
Kernel
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-30218] Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform
3425188
CVSS
5.3
Affected system type
Java
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-27898] Server-Side Request Forgery in SAP NetWeaver (tc~esi~esp~grmg~wshealthcheck~ear)
3421453
CVSS
4.8
Affected system type
SAP Business Connector
Patchday
2024-04
Released on
2024/04/09
Description
[Multiple CVEs] Cross-Site Scripting (XSS) vulnerabilities in SAP Business Connector
3427178
CVSS
4.3
Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-30216] Missing Authorization check in SAP S/4 HANA (Cash Management)
3430173
CVSS
4.3
Affected system type
ABAP
Patchday
2024-04
Released on
2024/04/09
Description
[CVE-2024-30217] Missing Authorization check in SAP S/4 HANA (Cash Management)