SAP Security Notes Summary – October 2024

Traditionally once a month I’ll publish a review of all SAP security notes and news that were released in a given month. SAP Security Notes contain SAP’s expert advice regarding important action items and patches to ensure the security of your systems.

SAP ComponentNumberTitleCVSS Score Released On
PP-PI-MD-PRV3525971Other vulnerability in service UI_PRODUCTIONVERSION4,310.10.2024
BC-SRV-DX-DXW3454858[CVE-2024-37180] Information Disclosure vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform4,108.10.2024
BI-BIP-INV3479478[CVE-2024-41730] Missing Authentication check in SAP BusinessObjects Business Intelligence Platform9,808.10.2024
BC-SYB-REP3495876[Multiple CVEs] Multiple vulnerabilities in SAP Replication Server (FOSS)6,508.10.2024
BI-RA-WBI-BE3478615[CVE-2024-37179] Insecure File Operations vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence)7,708.10.2024
CEC-SCC-CDM-BO-APP3507545[CVE-2024-45278] Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice5,408.10.2024
CA-EPC3523541[CVE-2022-23302] Multiple vulnerabilities in SAP Enterprise Project Connection8,008.10.2024
HAN-DB-CLI3520100[CVE-2024-45277] Prototype Pollution vulnerability in SAP HANA Client4,308.10.2024
BC-JAS-SEC-DST3477359[CVE-2024-45283] Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service)6,008.10.2024
EP-KM-ADM-CFG3503462[CVE-2024-47594] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal (KMC)5,408.10.2024
source: www.sap.com

*The characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

Copyright © 2025. SAPBasisWorld.com Privacy Policy