SAP Security Notes Summary – November 2023

Traditionally once a month I’ll publish a review of all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.

SAP ComponentNumberTitleCVSS ScoreReleased On
BC-SYB-SQA2494184Cross-Site Request Forgery (CSRF) vulnerability in multiple SAP Sybase products6,314.11.2023
SBO-CRO-SEC3355658[CVE-2023-31403] Improper Access Control vulnerability in SAP Business One product installation9,614.11.2023
BC-CST-IC3362849[CVE-2023-41366] Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform5,314.11.2023
BC-JAS-SEC3366410[CVE-2023-42480] Information Disclosure in NetWeaver AS Java Logon5,314.11.2023

*The characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Copyright © 2024. Privacy Policy