Your review has been sent successfully

SAP Update

2866
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

11 December, 2019

● Medium

2019-707

All

Description:

SAP has released security update to address multiple vulnerabilities in the following products:

  • SAP Business Client Version: 6.5
  • SAP Adaptive Server Enterprise Version: 15.7, 16.0
  • SAP ERP HCM (SAP_HRCES) Version: 3
  • SAP Enable Now Version: 1911
  • SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad) Version: 4.2
  • SAP Portfolio and Project Management Versions: 4CORE 102, 103, EPPM 100, CPRXRPM 500_702, 600_740, 610_740
  • SAP BusinessObjects Business Intelligence Platform (Monitoring Application) Versions: 4.1, 4.2, 4.3

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Cross-site scripting attack (XSS)
  • Cross-site request forgery (CSRF).
  • Information disclosure.

Best practice and Recommendations:

The CERT team encourages users to update the affected products and to review SAP security advisory: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533660397

Last updated at 1 January, 2020

Rate the content

rate-icon
up icon