SAP Releases April 2023 Security Updates
Scheduled security updates address vulnerabilities affecting multiple products
Summary
Scheduled security updates address vulnerabilities affecting multiple products
Affected platforms
The following platforms are known to be affected:
The following platforms are also known to be affected:
- SAP Diagnostics Agent
- SAP GUI for HTML
- SAP Customer Relationship Manager (CRM)
- SAP Web Dispatcher and Internet Communication Manager
- SAP Commerce
- SAP Application Interface Framework
Threat details
Introduction
SAP has released security updates to address multiple vulnerabilities, which are covered in nineteen new security notes and five updates to previous notes. Five of these vulnerabilities are rated as critical and one vulnerability is rated as high. An attacker could exploit some of these vulnerabilities to perform remote code execution, cross site scripting (XSS), denial-of-service, or other malicious activity.
Remediation advice
Affected organisations are encouraged to review the SAP Security Notes for April 2023 and apply the necessary updates.
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 11 April 2023 1:28 pm