Your review has been sent successfully

SAP Alert

2455
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

15 June, 2022

● High

2022-4943

All

Description:

SAP has released security updates to address multiple vulnerabilities in the following products:

  • SAP Business Client, Version -6.5
  • SAP NetWeaver and ABAP Platform, Versions -KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC 7.49, SAP_ROUTER 7.53, 7.22
  • SAP PowerDesigner Proxy 16.7, Versions -16.7
  • SAP 3D Visual Enterprise Viewer, Version -9.0
  • SAP NetWeaver Application Server for ABAP and ABAP Platform,Version -700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787, 788
  • SAP NetWeaver Development Infrastructure (Design Time Repository), Versions -7.30, 7.31, 7.40, 7.50
  • SAP NetWeaver, ABAP Platform and SAP Host Agent, Versions -KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22
  • SAPERP, localization forCEEcountries, Versions -C-CEE110_600, 110_602, 110_603, 110_604, 110_700
  • SAP Financials, Versions -SAP_FIN 618, 720
  • SAP S/4Hana Core, Versions -S4CORE 100, 101, 102, 103, 104, 105, 106, 107, 108
  • SAP Adaptive Server Enterprise (ASE), Versions -KERNEL 7.22, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53
  • SAP NetWeaverASABAP,ASJava, ABAP Platform and HANA Database, Versions -KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.2
  • SAP NetWeaver Developer Studio (NWDS), Versions -7.50
  • SAP Adaptive Server Enterprise (ASE), Versions -KERNEL 7.22, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Escalation of privilege
  • Execute arbitrary code
  • Information Disclosure

Best practice and Recommendations:

The CERT team encourages users to review SAP security advisory and apply the necessary updates:

Last updated at 15 June, 2022

Rate the content

rate-icon
up icon