SAP Patches Critical Code Injection and Security Vulnerabilities

8
SAP Patches Critical Code Injection

SAP has recently published ten advisories to document the flaws and fixes for several serious security vulnerabilities. The German software maker also published another seven updates for the security patch released this month. Among them, five carry the highest severity rating of Hot News.

While dealing with various vulnerabilities in the SAP Business Warehouse, the most critical issues carry 9.9 CVSS scores. The first note was addressed as CVE-2021-21465, that SAP described as multiple issues in its business warehouse.

In this context, security provider Onapsis noted that these bugs are in the form of SQL Injection – which misses the authorization check.

Source: SecurityWeek