SAP Patch Day: October 2024

SAP Patch Day: November 2024

SAP Patch Day for January 2023 addresses HotNews for SAP NetWeaver AS ABAP May Could Require Fixes in Custom Code. Find out...

Information Security and the Integrity of Financial Reporting

Securing Information Integrity and trust will always remain important in relationships and transactions. This requires...

Assessing Your SAP Implementation: Tips from Onapsis Research Labs

Learn how the S_ICF authorization object in SAP ABAP systems enhances security by restricting access to RFC destinations,...

SAP Note	Type	Description	Priority	CVSS
3479478	Update	[CVE-2024-41730] Missing Authentication check in SAP BusinessObjects Business Intelligence Platform BI-BIP-INV	HotNews	9.8
3523541	New	[CVE-2022-23302] Multiple vulnerabilities in SAP Enterprise Project Connection CA-EPC	High	8.0
3478615	New	[CVE-2024-37179] Insecure File Operations vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) BI-RA-WBI-BE	High	7.7
3483344	Update	[CVE-2024-39592] Missing Authorization check in SAP PDCE FIN-BA	High	7.7
3477359	Update	[CVE-2024-45283] Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service) BC-JAS-SEC-DST	Medium	6.0
3507545	New	[CVE-2024-45278] Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice CEC-SCC-CDM-BO-APP	Medium	5.4
3503462	New	[CVE-2024-47594] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal (KMC) EP-KM-ADM-CFG	Medium	5.4
3520100	New	[CVE-2024-45277] Prototype Pollution vulnerability in SAP HANA Client HAN-DB-CLI	Medium	4.3
3251893	New	[CVE-2024-45282] HTTP Verb Tampering in SAP S/4 HANA(Manage Bank Statements) FI-FIO-AR	Medium	4.3
3481588	Update	[CVE-2024-41729] Information Disclosure vulnerability in the SAP NetWeaver BW (BEx Analyzer) BW-BEX-ET-WB-7X	Medium	4.3
3479293	Update	[CVE-2024-42373] Missing Authorization Check in SAP Student Life Cycle Management (SLcM) IS-HER-CM-AD	Medium	4.3
3454858	Update	[CVE-2024-37180] Information Disclosure vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform BC-SRV-DX-DXW	Medium	4.1

Safeguarding Tomorrow: Empowering SAP Customers with Advanced Cyber Risk Management

Securing SAP Business Technology Platform (BTP)

CH4TTER: Threat Actors Attacking SAP Applications

Anatomy of an Attack: C2 Incident on SAP

Your S/4HANA Cloud Journey

SAP Patch Day: October 2024

Tags

About the Author

SAP Patch Day: November 2024

Information Security and the Integrity of Financial Reporting

Assessing Your SAP Implementation: Tips from Onapsis Research Labs