SAP’s Security Snafu: Critical Vulnerabilities Demand Immediate Patching

SAP has patched over a dozen security flaws, including two critical ones, that could let attackers take full control of systems. A “missing authentication check” in SAP BusinessObjects and a server-side request forgery (SSRF) in SAP Build Apps were among the most severe. Patch now to avoid potential breaches.


Hot Take:

Oh SAP, you had one job – to secure your system! Instead, you handed out logon tokens like Oprah giving away cars. “You get a token, you get a token, everybody gets a token!”

Key Points:

  • SAP fixed over a dozen security vulnerabilities, including two critical ones.
  • The most severe flaw, CVE-2024-41730, has a severity score of 9.8 and affects SAP BusinessObjects Business Intelligence Platform.
  • The second critical flaw, CVE-2024-29415, is an SSRF vulnerability in SAP Build Apps, with a severity score of 9.1.
  • SAP also patched four high-severity vulnerabilities in various products, including SAP S/4 HANA and SAP Commerce Cloud.
  • Cybercriminals are likely to scan for unpatched systems, given SAP’s widespread use among top global companies.
