Security Advisories

The Onapsis Research Labs delivers regular SAP® and Oracle® vulnerability research to our ecosystem of customers, partners and the information security industry.

Onapsis security advisories enable customers to better understand the security and business implications of discovered SAP and Oracle security issues. This enables organizations to prioritize patches, updates and their remediation strategies to ensure continuity of the business. Onapsis security advisories, together with vendor patches and security notes, are available for download to provide vendors and end-users with the necessary information to mitigate advanced threats to mission-critical applications running on SAP and Oracle.

High
SAP
11/21/2021
Memory Corruption Vulnerability in SAP NetWeaver Gateway Service
An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system causing the system to crash…
Medium
SAP
11/21/2021
Exposed Sensitive Information within SAP Enterprise Portal
One HTTP endpoint of the portal exposes sensitive information that could be used by an attacker with administrator privileges, in conjunction with other attacks (e.g. XSS).
Critical
SAP
06/14/2021
OS Command Injection Vulnerability in SAP Wily Introscope Enterprise
The vulnerability can allow an attacker to inject OS commands and thus gain complete control of the host running the CA Introscope Enterprise Manager. That exploit can be started remotely and does…
High
SAP
06/14/2021
Hard-coded Credentials in CA Introscope Enterprise Manager
Unauthenticated attackers can bypass the authentication if the default passwords for Admin and Guest users have not been changed by the administrator. This may impact the confidentiality of the…
High
SAP
06/14/2021
SAP Hybris eCommerce SSRF in Acceleratorservices Module
SAP Hybris accelerator services module is vulnerable to server side request forgery, which means that an authenticated attacker is able to perform POST requests to any valid URL.
High
SAP
06/14/2021
SAP Hybris eCommerce Exposure of Sensitive Information
An attacker can generate download-links sequentially targeting "impex" directory files. As a consequence, they will be able download most of these files, potentially disclosing critical Hybris…
High
SAP
06/14/2021
Denial of Service Vulnerability in SAP SolMan
Any authenticated user of the Solution Manager is able to either perform a Denial of Service or read sensitive information from every SMD Agent connected to the targeted SolMan.
Critical
SAP
06/14/2021
Missing Authentication Check In SAP NetWeaver
A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication, in order  to connect to the respective TCP ports and perform different privileged…
Critical
SAP
06/14/2021
Missing authorization check in SAP Solution Manager
Due to a missing authorization check in SAP Solution Manager LM-SERVICE component a remote authenticated attacker could be able to execute privileged actions in the affected system, including the…
Critical
SAP
06/14/2021
SAP Manufacturing Integration & Intelligence Lack of Server Side Validations
By abusing a Code Injection in SAP MII, an authenticated user with SAP XMII Developer privileges could execute code (including OS commands) on the server.
High
SAP
06/14/2021
Missing Authorization Check in SAP SolMan Experience Monitoring
Any authenticated user of the Solution Manager is able to craft/ upload and execute EEM scripts on the SMDAgents affecting its Integrity, Confidentiality and Availability.
Low
SAP
06/14/2021
SAP Solution Manager Open Redirect from Trace Analysis
Under certain circumstances, an attacker might be able to steal a cookie from the application. It may impact the confidentiality of the service.