SAP Security Notes Summary – May 2021

Once a month I’ll publish review all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.

SAP Comp.SAP_NotesTitleCVSS ScoreReleased On
Incomplete authorization checks for
import of environmental data
4,325 May 2021
BC-FES-CTL3023078[CVE-2021-27612] SAP GUI for Windows is
vulnerable to redirect users to an untrusted
3,411 May 2021
BC-XI-IBF-UI3012021[Multiple CVEs] Multiple vulnerabilities in SAP
Process Integration (Integration Builder
4,911 May 2021
SBO-BC-INT3049755[CVE-2021-27613] Information Disclosure in SAP Business One
(Chef business-one-cookbook)
7,811 May 2021
SBO-HANA-COM3049661[CVE-2021-27616] Multiple vulnerabilities in SAP Business One, version for SAP HANA
7,811 May 2021
BC-CTS-ORG3046610[CVE-2021-27611] Code Injection vulnerability in SAP NetWeaver AS ABAP8,111 May 2021
CEC-COM-CPS3039818[CVE-2021-27619] Information Disclosure
in SAP Commerce (Backoffice search)
6,511 May 2021
BC-FES-BUS-DSK2622660Security updates for the browser control Google Chromium delivered with SAP Business Client1011 May 2021
BC-WD-JAV2976947[CVE-2021-21491] Reverse TabNabbing vulnerability in SAP NetWeaver Application Server Java
(Applications based on Web Dynpro Java)
4,711 May 2021
BC-XI-IBD-INF2745860Information Disclosure in Enterprise Services
Repository of SAP Process Integration
5,311 May 2021

*The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Copyright © 2024. Privacy Policy