SAP Security Notes Summary – August 2022

Traditionally once a month I’ll publish review all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.

SAP ComponentNumberTitleCVSS Score Released On
BC-MID-RFC3150454Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform4,923.08.2022
BC-FES-BUS-DSK2622660Security updates for the browser control Google Chromium delivered with SAP Business Client1023.08.2022
KM-KW-HTA3102769[CVE-2021-42063] Cross-Site Scripting (XSS) vulnerability in SAP Knowledge Warehouse8,823.08.2022
BC-FES-BUS-DSK3156484Information Disclosure vulnerability in SAP Business Client6,509.08.2022
IS-A2726124Missing Authorization Check in multiple components under SAP Automotive Solutions6,309.08.2022
BI-BIP-CMC3213524[CVE-2022-32244] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Commentary DB)5,209.08.2022
BI-BIP-ADM3213507[CVE-2022-31596] Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Monitoring DB)5,209.08.2022
BI-BIP-INV3210823[CVE-2022-32245] Information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Open Document)8,209.08.2022
KM-SEN-MGR3210566[CVE-2022-35293] Missing authorization check in SAP Enable Now Manager4,209.08.2022
XX-CSC-PT-LO2522794Missing Authorization check in Portugal Digital Signature6,309.08.2022
BC-IAM-SSO-OTP3216653[CVE-2022-35290] Information Disclosure in SAP Authenticator for Android5,309.08.2022
source: www.sap.com

*The characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Copyright © 2023. SAPBasisWorld.com Privacy Policy