Security News > 2021 > June > SAP Patches Critical Vulnerabilities in NetWeaver
German software maker SAP this week released 17 new security notes documenting security vulnerabilities being fixed as part of the company's June 2021 SAP Security Patch Day.
SAP NetWeaver received the largest number of patches with a total of 10 security notes documenting and resolving vulnerabilities.
The most important of the new notes addresses an improper authentication vulnerability in NetWeaver ABAP Server and ABAP Platform.
The issue exists because an ABAP server could not correctly identify if communication via RFC or HTTP is between the application servers of the same SAP system or with servers outside the same system.
Three other security notes patch ten memory corruption flaws in NetWeaver ABAP Server and ABAP Platform.
All of the remaining security notes released on SAP's June 2021 Security Patch Day address medium risk vulnerabilities.
News URL
Related news
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical vulnerabilities persist in high-risk sectors (source)
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List (source)