Your review has been sent successfully

SAP Alert

2100
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

13 April, 2022

● Critical

2022-4665

All

Description:

SAP has released security updates to address multiple vulnerabilities in the following products:

  • SAP BusinessObjects Business Intelligence Platform
  • SAP NetWeaver Enterprise Portal
  • SAP Focused Run
  • SAP Manufacturing Integration and Intelligence
  • Apache Tomcat server component of SAP Commerce
  • SAP Business Intelligence Platform
  • SAP Web Dispatcher and SAP Netweaver (Internet Communication Manager)
  • XML Data Archiving Service
  • SAP BusinessObjects Business Intelligence Platform (BI Workspace)
  • SAP NW EP WPC
  • SQL Anywhere
  • CMC
  • SAP 3D Visual Enterprise Viewer
  • SAP NetWeaver ABAP Server and ABAP Platform (Adobe LiveCycle Designer 11.0)
  • SAP BusinessObjects Platform
  • SAP NetWeaver Application Server ABAP and ABAP Platform
  • SAP Manufacturing Integration and Intelligence
  • SAP Business Client
  • SAP HANA Extended Application Services
Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Cross-site scripting (XSS)
  • Code Injection
  • Execute arbitrary code
  • Directory Traversal
  • Denial of service attack (DoS)
  • Privilege escalation
  • Information Disclosure
Best practice and Recommendations:

The CERT team encourages users to review SAP security advisory and apply the necessary updates:

Last updated at 13 April, 2022

Rate the content

rate-icon
up icon