Your review has been sent successfully

SAP Updates

1805
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

14 July, 2021

● High

2021-3182

All

Description:

SAP has released a security updates to address multiple vulnerabilities in the following products:

  • SAP Business Client
    • 6.5
  • SAP NetWeaver AS ABAP and ABAP Platform
    • 700,701,702,731,740,750,751,752,753,754,755,804
  • SAP NetWeaver Guided Procedures (Administration Workset)
    • 7.10, 7.20, 7.30, 7.31, 7.40, 7.50
  • SAP NetWeaver AS for Java (Http Service)
    • 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50
  • SAP CRM
    • 700, 701, 702, 712, 713, 714
  • SAP Process Integration (Enterprise Service Repository JAVA Mappings)
    • 7.10, 7.20, 7.30, 7.31, 7.40, 7.50
  • SAP NetWeaver AS ABAP and ABAP Platform
    • 700, 702, 730, 731, 804, 740, 750, 784, DEV
  • SAP NetWeaver AS ABAP (Reconciliation Framework)
    • 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F
  • SAP Lumira Server
    • 2.4
  • SAP Web Dispatcher and Internet Communication Manager
    • KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 7.81, 7.82, 7.83, KERNEL 7.21, 7.22, 7.49, 7.53, 7.73, 7.77, 7.81, 7.82, 7.83
  • SAP NetWeaver AS ABAP and ABAP Platform
    • KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.77, 7.81, 7.84
  • SAP NetWeaver AS JAVA (Enterprise Portal)
    • 7.10, 7.20, 7.30, 7.31, 7.40, 7.50
  • SAP Business Objects Web Intelligence (BI Launchpad)
    • 420, 430
  • SAP NetWeaver AS JAVA (Administrator applications)
    • 7.50

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Cross-site scripting (XSS)
  • Information disclosure
  • Missing authentication
  • Missing authorization check
  • Code Injection

Best practice and Recommendations:

The CERT team encourages users to review SAP security advisory and apply the necessary updates:

Last updated at 14 July, 2021

Rate the content

rate-icon
up icon