Traditionally once a month I’ll publish a review of all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.
|Cross-Site Request Forgery (CSRF) vulnerability in multiple SAP Sybase products
|[CVE-2023-31403] Improper Access Control vulnerability in SAP Business One product installation
|[CVE-2023-41366] Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform
|[CVE-2023-42480] Information Disclosure in NetWeaver AS Java Logon
*The characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.