Search the Community
Showing results for tags 'cmc'.
Found 2 results
-
sap Vulnerabilities in SAP Products Could compromise systems and it's data
Jimi Wikman posted a blog article in Security
Multiple vulnerabilities have been reported in SAP products where things like cross-site scripting (xss) and server side request forgery open up access points through which a hacker can compromise the systems and it's data. These vulnerabilities have been patched in SAP Security Patch Day – July 2020 and it is strongly advised to make that update as soon as possible. SYSTEMS AFFECTED: Multiple Vulnerabilities in SAP NetWeaver AS JAVA (LM Configuration Wizard) (CVE-2020-6286). Security updates for the browser control Google Chromium delivered with SAP Business Client Information Disclosure in SAP NetWeaver (XMLToolkit for Java) (CVE-2020-6285). Multiple vulnerabilities in SAP Disclosure Management (CVE-2020-6267). Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform(BI Launch pad) (CVE-2020-6281). Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform(Bipodata) (CVE-2020-6276). Server-Side Request Forgery in SAP NetWeaver AS JAVA (IIOP service) (CVE-2020-6282). Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC) (CVE-2020-6278). Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) (CVE-2020-6222). Information Disclosure in SAP NetWeaver (ABAP Server) and ABAP Platform (CVE-2020-6280).-
- 1
-
-
- sap netweaver as java
- sap business client
- (and 10 more)
-
Multiple vulnerabilities have been reported in SAP products where things like cross-site scripting (xss) and server side request forgery open up access points through which a hacker can compromise the systems and it's data. These vulnerabilities have been patched in SAP Security Patch Day – July 2020 and it is strongly advised to make that update as soon as possible. SYSTEMS AFFECTED: Multiple Vulnerabilities in SAP NetWeaver AS JAVA (LM Configuration Wizard) (CVE-2020-6286). Security updates for the browser control Google Chromium delivered with SAP Business Client Information Disclosure in SAP NetWeaver (XMLToolkit for Java) (CVE-2020-6285). Multiple vulnerabilities in SAP Disclosure Management (CVE-2020-6267). Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform(BI Launch pad) (CVE-2020-6281). Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform(Bipodata) (CVE-2020-6276). Server-Side Request Forgery in SAP NetWeaver AS JAVA (IIOP service) (CVE-2020-6282). Cross-Site Scripting (XSS) vulnerability in SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC) (CVE-2020-6278). Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) (CVE-2020-6222). Information Disclosure in SAP NetWeaver (ABAP Server) and ABAP Platform (CVE-2020-6280). View full blog article
