Enterprise software maker SAP has released ten new and two updated security notes, including three that address high-severity vulnerabilities. The most severe vulnerability (CVE-number_1) is a security misconfiguration issue in NetWeaver AS Java User Management Engine (UME).
Two optional features of UME that allow users to self-register and modify their profiles do not adhere to the existing password requirements, accepting simple passwords instead. SAP addressed a high-severity information disclosure flaw in Business Objects Web Intelligence and a high-severity directory traversal bug in Asset Accounting.
Read More : SAP’s April 2024 Updates Patch High-Severity Vulnerabilities
Check Out The New ITsecuritywire Podcast. For more such updates follow us on Google News ITsecuritywire News.
