Category - Security

1
[CVE-2022-22536] – major vulnerability in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher
2
SAP Security Notes Summary – January 2022
3
SAP Security Notes Summary – December 2021
4
SAP – CVE-2021-44228 Apache Log4j Vulnerability
5
SAP Security Notes Summary – November 2021
6
SAP Security Notes Summary – October 2021

[CVE-2022-22536] – major vulnerability in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher

It’s new (08.02.2022) and very important issue becasue CVSS score is 10 (critical). An unauthenticated attacker can prepend a victim’s request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack  could result in complete compromise of Confidentiality, Integrity and Availability of the system.

Read More

SAP – CVE-2021-44228 Apache Log4j Vulnerability

SAP continues to investigate the remote code execution vulnerability (CVE-2021-44228) related to Apache Log4j disclosed on Dec 10, 2021. SAP encourages customers to update to the latest version of Log4j, where applicable. Check regularly updated detailed information in SAP site – here. Additional information about vulnerability in HANA XS and AS Java Core Components.

Read More

Copyright © 2023. SAPBasisWorld.com Privacy Policy