Security Warnings

Your review has been sent successfully
Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

SAP Updates

67

Warning Date: 12 October, 2021

Severity Level ● High

Warning Number: 2021-3658

Target Sector: All

Description:

SAP has released a security updates to address multiple vulnerabilities in the following products:

  • SAP Business Client
    • Version – 6.5
  • SAP Environmental Compliance
    • Version - 3.0
  • SAP NetWeaver AS ABAP and ABAP Platform
    • Versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756
  • SAP SuccessFactors Mobile Application (for Android devices)
    • Versions - <2108
  • SAP BusinessObjects Business Intelligence Platform (Crystal Reports)
    • Versions - 420, 430
  • SAP Business One
    • Version - 10.0
  • SAP Business One
    • Version - 10.0
  • SAP NetWeaver AS ABAP and ABAP Platform
    • Versions - 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756
  • SAP NetWeaver Application Server for ABAP (SAP Cloud Print Manager and SAPSprint)
    • Versions - 7.70, 7.70 PI, 7.70BYD
  • SAPUI5
    • Versions - 750, 753, 754
  • SAP NetWeaver
    • Versions - 700, 701, 702, 730
  • SAP NetWeaver AS ABAP and ABAP Platform
    • Versions - 740, 750, 751, 752, 753, 754, 755
  • SAP BusinessObjects Analysis, (edition for OLAP)
    • Versions - 420, 430
  • SAP NetWeaver AS ABAP and ABAP Platform
    • Versions - 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Cross-site scripting (XSS)
  • Code Injection

Best practice and Recommendations:

The CERT team encourages users to review SAP security advisory and apply the necessary updates:

Last updated at 12 October, 2021

Rate the content

rate-icon