German software maker SAP has announced the release of 13 new security notes and updates on five security notes. The company also issued a non-band note, with a total of 19 safety notes, to which three more notes should be added or updated.
Eight of the 22 security notes are rated ‘Hot News’ – the highest rate on company books -, the company’s record number. The most important of these risks are CVE-2022-22536, application smuggling and the problem of requesting integration into NetWeaver, Content Server and Web Posting that may be compromised to compromise any Java-based NetWeaver or ABAP application using automated configuration.
Risk may be applied to a single application submitted through the commonly disclosed HTTP (S) service, without confirmation, the business application security company Onapsis explains. An attacker can steal the victim’s time and details in a blank text.
Read More: https://www.securityweek.com/sap-customers-warned-about-critical-icmad-vulnerabilities