SAP Patches Critical Security Vulnerabilities and Code Injection

5
SAP Patches Critical Security Vulnerabilities and Code Injection

SAP has recently published ten advisories to document the flaws and fixes for several severe security vulnerabilities. The German software company also posted another seven updates for the security patch released recently. Among them, five hold the highest severity rating of Hot News.

While dealing with various critical vulnerabilities in the SAP Business Warehouse, the most critical issues carry a score of 9.9 CVSS. The first note was addressed as CVE-2021-21465, that SAP described as multiple issues in its business warehouse. 

In this context, cyber-security provider Onapsis announced that these bugs are in the form of SQL Injection – which misses the authorization check. 

Source: SecurityWeek