Security News > 2020 > November > SAP Patches Several Critical Vulnerabilities With November 2020 Security Updates

SAP Patches Several Critical Vulnerabilities With November 2020 Security Updates
2020-11-12 04:35

SAP's security updates for November 2020 patch several critical vulnerabilities affecting the company's Solution Manager, Data Services, ABAP, S4/HANA, and NetWeaver products.

One of the hot news patches resolves a total of four vulnerabilities related to missing authentication checks in SolMan, which provides a central management interface for SAP and non-SAP systems.

Another hot news patch addresses two vulnerabilities in SAP Data Services.

A code injection vulnerability affecting SAP AS ABAP and S/4 HANA and a privilege escalation issue in SAP NetWeaver Application Server for Java have also been rated hot news.

Three of the new patches address high-severity vulnerabilities, including server-side request forgery and reflected cross-site scripting issues in SAP Fiori Launchpad, an information disclosure issue in SAP Commerce Cloud, and DoS and SSRF bugs in Commerce Cloud.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/HwPqK7hmTmE/sap-patches-several-critical-vulnerabilities-november-2020-security-updates

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
SAP 329 25 680 386 113 1204