Significant security vulnerabilities discovered in SAP NetWeaver

As your partner and specialist for SAP portals, we would like to draw your attention briefly to the current notification.

An XSS vulnerability currently allows the theft of credentials. In addition, an attacker can upload any files to a server and possibly even execute them. SAP already distributes a patch for the vulnerabilities. (Source)

Below we have listed the relevant SAP Notes (for the vulnerabilities discussed in the article) so that you can address the issues before they become problems:

Enterprise Portal Navigation: https://launchpad.support.sap.com/#/notes/2369469/E
SAP NetWeaver Log Viewer: https://launchpad.support.sap.com/#/notes/2372626/E und https://launchpad.support.sap.com/#/notes/2370876/E
SAP Enterprise Portal Theme Editor: https://launchpad.support.sap.com/#/notes/0002372183 und https://launchpad.support.sap.com/#/notes/0002372204
Außerdem ergänzend für die Central Technical Configuration: https://launchpad.support.sap.com/#/notes/2406783

We hope to have helped you with the note. For further questions, we are of course happy to help.

News

Get your free demo

Significant security vulnerabilities discovered in SAP NetWeaver