Skip to main content

SAP Releases July 2021 Security Updates

Threat ID:
CC-3901
Threat Severity:
Information only
Published:
14 July 2021 10:24 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Affected platforms

The following platforms are known to be affected:

SAP 3D Visual Enterprise Viewer Version: 9.0

SAP Business Client Version: 6.5

SAP Business Objects Web Intelligence (BI Launchpad) Versions: 420, 430

SAP CRM Versions: 700, 701, 702, 712, 713, 714

SAP Lumira Server Version: 2.4

SAP NetWeaver AS ABAP and ABAP Platform Versions: 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804  

SAP NetWeaver AS ABAP and ABAP Platform Versions: 700, 702, 730, 731, 804, 740, 750, 784, DEV

SAP NetWeaver AS ABAP and ABAP Platform Versions: KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.77, 7.81, 7.84

SAP NetWeaver AS ABAP (Reconciliation Framework) Versions: 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F

SAP NetWeaver AS JAVA (Administrator applications) Version: 7.50

SAP NetWeaver AS JAVA (Enterprise Portal) Versions: 7.10, 7.20, 7.30, 7.31, 7.40, 7.50

SAP NetWeaver AS for Java (Http Service) Versions: 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50

SAP NetWeaver Guided Procedures (Administration Workset) Versions: 7.10, 7.20, 7.30, 7.31, 7.40, 7.50

SAP Process Integration (Enterprise Service Repository JAVA Mappings) Versions: 7.10, 7.20, 7.30, 7.31, 7.40, 7.50

SAP Web Dispatcher and Internet Communication Manager Versions: KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 7.81, 7.82, 7.83, KERNEL 7.21, 7.22, 7.49, 7.53, 7.73, 7.77, 7.81, 7.82, 7.83

Threat details

Introduction

SAP has released security updates to address vulnerabilities affecting multiple SAP products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Remediation advice

Affected organisations are encouraged to review the SAP Security Notes for July 2021 and apply the necessary updates.

Last edited: 14 July 2021 10:53 am