SAP Security Notes Summary – June 2023

Traditionally once a month I’ll publish a review of all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.

SAP ComponentNumberTitleCVSS ScoreReleased On
CA-UI5-COR3324285[CVE-2023-33991] Stored Cross-Site Scripting vulnerability in SAP UI5 (Variant Management)8,227.06.2023
BI-BIP-INV3319400[CVE-2023-31406] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform6,113.06.2023
CRM-IPS-BTX-APL2826092[CVE-2023-33986] Cross-Site Scripting (XSS) vulnerability in SAP CRM ABAP (Grantor Management)6,113.06.2023
BC-CTS-DTR3318657[CVE-2023-33984] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver (Design Time Repository)6,413.06.2023
EP-PIN-NAV3331627[CVE-2023-33985] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver (Enterprise Portal)6,113.06.2023
BC-CTS-TMS-CTR3325642[CVE-2023-32114] Denial of Service in SAP NetWeaver (Change and Transport System)2,713.06.2023
CA-UI5-CTR-BAL3326210[CVE-2023-30743] Improper Neutralization of Input in SAPUI57,113.06.2023
CA-WUI-UI-TAG3322800Update 1 to security note 3315971 – [CVE-2023-30742] Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)6,113.06.2023
CA-WUI-UI-TAG3315971[CVE-2023-30742] Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)6,113.06.2023
KM-KW-HTA3102769[CVE-2021-42063] Cross-Site Scripting (XSS) vulnerability in SAP Knowledge Warehouse8,813.06.2023
LO-MD-BP3142092[CVE-2022-22542] Information Disclosure vulnerability in SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)6,513.06.2023
source: www.sap.com

*The characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Copyright © 2024. SAPBasisWorld.com Privacy Policy