SAP Releases December 2022 Security Updates

Scheduled security updates address vulnerabilities affecting multiple products

Threat ID:: CC-4227
Threat Severity:: Information only
Published:: 14 December 2022 1:27 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled security updates address vulnerabilities affecting multiple products

Affected platforms

The following platforms are known to be affected:

Versions:

SAP BusinessObjects Business Intelligence Platform

SAP Business Client

SAP NetWeaver Application Server

The following platforms are also known to be affected:

SAP Business Planning and Consolidation
SAP Commerce Webservices 2.0
SAP Disclosure Management
SAP NetWeaver Process Integration
SAP Solution Manager
SAP Sourcing and SAP Contract Lifecycle Management

Threat details

Introduction

SAP has released security updates to address multiple vulnerabilities, which are covered in twelve new security notes and four updates to previous notes. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Remediation advice

Affected organisations are encouraged to review the SAP Security Notes for December 2022 and apply the necessary updates.

Definitive source of threat updates

https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10

Last edited: 14 December 2022 1:28 pm