Security News > 2020 > November > SAP Patches Several Critical Vulnerabilities With November 2020 Security Updates
SAP's security updates for November 2020 patch several critical vulnerabilities affecting the company's Solution Manager, Data Services, ABAP, S4/HANA, and NetWeaver products.
One of the hot news patches resolves a total of four vulnerabilities related to missing authentication checks in SolMan, which provides a central management interface for SAP and non-SAP systems.
Another hot news patch addresses two vulnerabilities in SAP Data Services.
A code injection vulnerability affecting SAP AS ABAP and S/4 HANA and a privilege escalation issue in SAP NetWeaver Application Server for Java have also been rated hot news.
Three of the new patches address high-severity vulnerabilities, including server-side request forgery and reflected cross-site scripting issues in SAP Fiori Launchpad, an information disclosure issue in SAP Commerce Cloud, and DoS and SSRF bugs in Commerce Cloud.
News URL
Related news
- Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (source)
- Ivanti vows to transform its security operating model, reveals new vulnerabilities (source)
- Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability (source)
- OpenAI's GPT-4 can exploit real vulnerabilities by reading security advisories (source)
- 73% of SME security pros missed or ignored critical alerts (source)
- 10 Critical Endpoint Security Tips You Should Know (source)
- BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023 (source)
- DHS establishes AI Safety and Security Board to protect critical infrastructure (source)
- U.S. Government Releases New AI Security Guidelines for Critical Infrastructure (source)
- Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks (source)