14th of January 2020, Security Patch Day, SAP released six new Security Notes and one update to a previously released note. Highlights A Cross-Site Scripting (XSS) vulnerabily in the REST adapter of SAP PI was addressed. This is especially relevant for clients that make use…
There is no doubt, after the recent events, that the USA will see increased activity as a target for Iranian cyber warfare retaliation. It's certainly a tool Iran has used before and will likely now increase their attack attempts . But if Iran launches an…
Value Help Overview Users of an SAP System can use the F4 key to obtain information about the possible input values for a certain field on the screen. This Value Help functionality is very useful for the users as it provides the list of appropriate…
Highlights Yearend is approaching fast. Winter is comming and most people will soon be enjoying the holiday season. It is thus not a surprise the SAP Security & Response Team did not want to load its customers with tons of work. Out of 7 only…
With year-end rapidly approaching SAP SE is not yet tired in releasing new security patches for their product portfolio. Highlights This week (CW46) we find 11 new patches complimented by 4 updates for previously released snotes. The four updates concern "hot news". We recommend any…
Tuesday 8th of October SAP released 7 new security patches and 1 update to an already released patch. Any software application demands continuous patching, also SAP enterprise solutions. SAP applications are processing your most valuable data assets and shall be protected, run stable, comply with…
SAP released the monthly security patches for its platform on September 10th. This release contained four corrections with the severity rating "very high" or as SAP refers to them, "Hot News". Additionally, one correction has been made with the severity rating "High". Continuous patching of…
We’re probably all aware of the potential risk incurred in having the SAP_ALL profile in a user’s authorizations. This authorization profile allows the user access to perform an almost unlimited number of tasks within an SAP system, which needless to say should be highly restricted…