Onapsis Research Labs is a team of the world’s leading cybersecurity experts dedicated to uncovering and mitigating threats in business-critical applications. As the most prolific contributor to SAP and Oracle security research, the Labs have discovered and helped patch over 1,000 zero-day vulnerabilities. Their threat intelligence powers the Onapsis Platform, ensuring that organizations can defend their ERP landscapes against the latest sophisticated attacks before they are exploited in the wild.
To keep our readers informed about security risks and mitigation techniques for Oracle’s biggest ERP, E-Business Suite (EBS), we’re sharing how to configure secure, encrypted web browsing through the HTTPS protocol.
Directory Traversal vulnerability in SAP NetWeaver AS Java Web Container (#2486657): This type of attack always affects the confidentiality of information, since it allows an attacker to read arbitrary files that shouldn’t be accessible. Its high impact on confidentiality gives it the highest CVSS score of this month. An AS Java Web Container that does not properly validate path information could allow an attacker to read the content of arbitrary files on the remote server, exposing sensitive data.