SAP Security Notes Summary – May 2021

Once a month I’ll publish review all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.

SAP Comp.SAP_NotesTitleCVSS ScoreReleased On
Incomplete authorization checks for
import of environmental data
4,325 May 2021
BC-FES-CTL3023078[CVE-2021-27612] SAP GUI for Windows is
vulnerable to redirect users to an untrusted
3,411 May 2021
BC-XI-IBF-UI3012021[Multiple CVEs] Multiple vulnerabilities in SAP
Process Integration (Integration Builder
4,911 May 2021
SBO-BC-INT3049755[CVE-2021-27613] Information Disclosure in SAP Business One
(Chef business-one-cookbook)
7,811 May 2021
SBO-HANA-COM3049661[CVE-2021-27616] Multiple vulnerabilities in SAP Business One, version for SAP HANA
7,811 May 2021
BC-CTS-ORG3046610[CVE-2021-27611] Code Injection vulnerability in SAP NetWeaver AS ABAP8,111 May 2021
CEC-COM-CPS3039818[CVE-2021-27619] Information Disclosure
in SAP Commerce (Backoffice search)
6,511 May 2021
BC-FES-BUS-DSK2622660Security updates for the browser control Google Chromium delivered with SAP Business Client1011 May 2021
BC-WD-JAV2976947[CVE-2021-21491] Reverse TabNabbing vulnerability in SAP NetWeaver Application Server Java
(Applications based on Web Dynpro Java)
4,711 May 2021
BC-XI-IBD-INF2745860Information Disclosure in Enterprise Services
Repository of SAP Process Integration
5,311 May 2021

*The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Copyright © 2023. Privacy Policy