SAP Security Notes Summary – February 2024

Traditionally once a month I’ll publish a review of all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.

SAP ComponentNumberTitleCVSS Score Released On
KM-SEN-CMP3404025[CVE-2024-22129] Cross-Site Scripting (XSS) vulnerability in SAP Companion5,413.02.2024
CA-MDG-APP-MM2897391[CVE-2024-24741] Missing Authorization check in SAP Master Data Governance Material4,313.02.2024
BC-JAS-SEC-UME3417627[CVE-2024-22126] Cross Site Scripting vulnerability in NetWeaver AS Java (User Admin Application)8,813.02.2024
CA-WUI-UI3410875[CVE-2024-22130] Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)7,613.02.2024
BC-FES-BUS3396109[CVE-2024-22128] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML4,713.02.2024
CA-WUI-WKB3158455[CVE-2024-24742] Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)4,113.02.2024
FIN-FSCM-CLM2637727[CVE-2024-24739] Missing authorization check in SAP Bank Account Management6,313.02.2024
BC-FES-ITS3360827[CVE-2024-24740] Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP (SAP Kernel)5,313.02.2024
XX-IDES3421659[CVE-2024-22132] Code Injection vulnerability in SAP IDES Systems7,413.02.2024
CA-SUR3420923[CVE-2024-22131] Code Injection vulnerability in SAP ABA (Application Basis)9,113.02.2024
PA-FIO-OVT3237638[CVE-2024-25643] Missing authorization check in SAP Fiori app (“My Overtime Requests”)4,313.02.2024
BC-FES-BUS-DSK2622660Security updates for the browser control Google Chromium delivered with SAP Business Client1013.02.2024
BC-GP3426111[CVE-2024-24743] XXE vulnerability in SAP NetWeaver AS Java (Guided Procedures)8,613.02.2024
BC-MID-SCC3424610[CVE-2024-25642] Improper Certificate Validation in SAP Cloud Connector7,413.02.2024
BC-FES-WGU3385711[CVE-2023-49580] Information disclosure vulnerability in SAP NetWeaver Application Server ABAP7,313.02.2024
source: www.sap.com

*The characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Copyright © 2024. SAPBasisWorld.com Privacy Policy