SAP Security Notes Summary – April 2024

Traditionally, once a month I publish a review of all SAP security notes and news released in that month. SAP Security Notes contain SAP’s expert advice on important action items and patches to ensure the security of your systems.

| SAP Component | Number | Title | CVSS Score* | Released On |
|---|---|---|---|---|
| BC-FES-BUS-DSK | 2622660 | Security updates for the browser control Google Chromium delivered with SAP Business Client | 10 | 23.04.2024 |
| KM-SEN-MGR | 3441944 | [CVE-2024-32730] Missing authorization check in SAP Enable Now Manager | 6,5 | 23.04.2024 |
| LOD-HCI-PI-OP-NM | 3442741 | Stack overflow vulnerability on the component images of SAP Integration Suite (EDGE INTEGRATION CELL) | 6,8 | 9.04.2024 |
| BI-RA-WBI | 3421384 | [CVE-2024-25646] Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence | 7,7 | 9.04.2024 |
| BC-MID-BUS | 3421453 | [Multiple CVEs] Cross-Site Scripting (XSS) vulnerabilities in SAP Business Connector | 4,8 | 9.04.2024 |
| FIN-FSCM-CLM-BAM | 3430173 | [CVE-2024-30217] Missing Authorization check in SAP S/4 HANA (Cash Management) | 4,3 | 9.04.2024 |
| FIN-FSCM-CLM-BAM | 3427178 | [CVE-2024-30216] Missing Authorization check in SAP S/4 HANA (Cash Management) | 4,3 | 9.04.2024 |
| BC-CST-DP | 3359778 | [CVE-2024-30218] Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform | 6,5 | 9.04.2024 |
| FI-AA-AA-A | 3438234 | [CVE-2024-27901] Directory Traversal vulnerability in SAP Asset Accounting | 7,2 | 9.04.2024 |
| BC-ESI-WS-JAV-RT | 3425188 | [CVE-2024-27898] Server-Side Request Forgery in SAP NetWeaver (tc~esi~esp~grmg~wshealthcheck~ear) | 5,3 | 9.04.2024 |
| BC-JAS-SEC-UME | 3434839 | [CVE-2024-27899] Security misconfiguration vulnerability in SAP NetWeaver AS Java User Management Engine | 8,8 | 9.04.2024 |
| PA-FIO-LEA | 3164677 | [CVE-2022-29613] Information Disclosure vulnerability in SAP Employee Self Service (Fiori My Leave Request) | 6,5 | 9.04.2024 |
| MM-FIO-PUR-REQ-SSP | 3156972 | [CVE-2023-40306] URL Redirection vulnerability in SAP S/4HANA (Manage Catalog Items and Cross-Catalog search) | 6,1 | 9.04.2024 |
| FIN-CS-CDC-DC | 3442378 | [CVE-2024-28167] Missing Authorization check in SAP Group Reporting Data Collection (Enter Package Data) | 6,5 | 9.04.2024 |
source: www.sap.com

*CVSS captures the characteristics of a vulnerability and produces a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Copyright © 2024. SAPBasisWorld.com