Free Trial

SAP Latest Security Patch released

buy generic ivermectin Overview :
Latest vulnerabilities discovered in SAP products
Vught Affected Product(s) :
  • SAP
Vulnerability Details :
CVE ID : CVE-2019-0367
[CVE-2019-0367Missing Authorization Check in B2B Content Manager of B2B Add-On for SAP NetWeaver Process Integration
Product – SAP NetWeaver Process Integration (B2B Toolkit), Versions – 1.0, 2.0
CVE ID : CVE-2019-0365
Update to Security Note released on September 2019 Patch Day:
[CVE-2019-0365Denial of service (DOS) in SAP Kernel (RFC), SAP GUI for Windows and SAP GUI for Java
Product – SAP Kernel (RFC), Versions – KRNL32NUC, KRNL32UC and KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL 7.21, 7.49, 7.53, 7.73, 7.76
CVE ID : CVE-2019-0369,CVE-2019-0370
[CVE-2019-0370Multiple Vulnerabilities in SAP Financial Consolidation
Additional CVE ID – CVE-2019-0369
Product – SAP Financial Consolidation, Versions – 10.0, 10.1
CVE ID : CVE-2019-0374, CVE-2019-0375, CVE-2019-0376, CVE-2019-0377, CVE-2019-0378
[CVE-2019-0374] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)
Additional CVE IDs – CVE-2019-0375CVE-2019-0376CVE-2019-0377CVE-2019-0378

Product – SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), Versions – 420, 430
CVE ID : CVE-2019-0368
[CVE-2019-0368Cross-Site Scripting (XSS) vulnerability in Customer relationship management (Email management)
Product – SAP Customer Relationship Management (Email Management), Versions – S4CRM 100, 200; BBPCRM 700, 701, 702, 712, 713, 714
CVE ID : CVE-2019-0381
[CVE-2019-0381Binary Planting vulnerability in SAP SQL Anywhere, SAP IQ and SAP Dynamic Tiering
Product – SAP IQ, Version – 16.1
Product – SAP SQL Anywhere, Version – 17.0
Product – SAP Dynamic Tiering, Version – 1.0, 2.0
CVE ID : CVE-2019-0380
[CVE-2019-0380] Information Disclosure vulnerability in SAP Landscape Management Enterprise
Product – SAP Landscape Management enterprise edition, Version – 3.0
CVE ID : CVE-2019-0379
[CVE-2019-0379] Missing Authentication Check in AS2 Adapter of B2B Add-On for SAP NetWeaver Process Integration
Product – SAP NetWeaver Process Integration (AS2 Adapter), Versions – 1.0, 2.0

Remediation / Fixes :

SAP strongly recommends that the customer visits the Support Portal and applies patches on a priority to protect their SAP landscape.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-4291 : Frauscher Sensortechnik FDS101 For FAdC 1.4.24 Code Injection

CVE-2023-4291 : Frauscher Sensortechnik FDS101 For FAdC 1.4.24 Code Injection

Description Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE)

Learn more
CVE-2023-2163 : Linux Kernel 5.4 BPF kernel/bpf/verifier.c backtrack_insn calculation

CVE-2023-2163 : Linux Kernel 5.4 BPF kernel/bpf/verifier.c backtrack_insn calculation

Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe,

Learn more
CVE-2023-42454 : SQLpage Up To 0.11.0 Database Connection String sqlpage/sqlpage.json Information Disclosure

CVE-2023-42454 : SQLpage Up To 0.11.0 Database Connection String sqlpage/sqlpage.json Information Disclosure

Description SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly,

Learn more