SAP recently released12 security notes on their security patch day. They also announced updates for three of their security notes.
The new security notes deal with two big vulnerabilities, a missing authorization check and a denial of service in NetWeaver. While the first vulnerability was identified in the central administration tool for GP and could lead unauthorized access, the second affects SAP NetWeaver AS for Java and an attacker would be able to manipulate HTTP requests.
Moreover, the company released updates for Hot News security notes and another that deals with External Entity vulnerability in SAP Process Integration.
Read More At: Securityweek
For more such updates follow us on Google News ITsecuritywire News.