SAP’s December 2022 Security Updates Patch Critical Vulnerabilities By Orbit Brain December 15, 2022 0 292 views Dwelling › VulnerabilitiesSAP’s December 2022 Safety Updates Patch Crucial VulnerabilitiesBy Ionut Arghire on December 14, 2022TweetGerman software program maker SAP this week introduced the discharge of 14 new and 5 up to date safety notes as a part of its December 2022 Safety Patch Day, together with 4 notes that tackle vital vulnerabilities in Enterprise Shopper, BusinessObjects, NetWeaver, and Commerce.With a CVSS rating of 10, essentially the most extreme of SAP’s safety notes updates a observe launched on April 2018 Patch Day, which offers with software program updates for the Chrome-based browser in SAP Enterprise Shopper.Over the previous month, Google has introduced a number of Chrome updates, together with two emergency patches that tackle zero-day vulnerabilities in variations 107 and 108 of the browser, and SAP is making an attempt to maintain up: the safety observe addresses 34 vulnerabilities, together with 24 high-severity points.The second safety observe that SAP marked as sizzling information – the very best severity rating within the firm’s books – resolves a server-side request forgery (SSRF) within the BusinessObjects platform.Tracked as CVE-2022-41267 (CVSS rating of 9.9), the problem permits an attacker with ‘regular BI consumer privileges’ to switch any file within the BusinessObjects server, on the working system degree, enterprise software safety agency Onapsis explains.“This allows the attacker to take full management of the system and has a major influence on confidentiality, integrity, and availability of the applying,” Onapsis notes.The third sizzling information safety observe in SAP’s December 2022 Safety Patch Day resolves a vital improper entry management flaw in NetWeaver’s consumer outlined search (CVE-2022-41272, CVSS rating of 9.9) that might permit attackers to carry out unauthorized operations.The final sizzling information observe that SAP launched this month offers with a distant command execution bug related to Apache Commons Textual content in SAP Commerce (CVE-2022-42889, CVSS rating of 9.8).Additionally known as Text4Shell, the vulnerability was disclosed in October 2022 and has been in comparison with the infamous Log4Shell vulnerability, though it’s not as widespread.This month, SAP additionally introduced the discharge of 5 high-priority safety notes that resolve vulnerabilities in BASIS, Enterprise Planning and Consolidation, BusinessObjects, Commerce, and SAPUI5. Two of those are updates to notes launched in October and November 2022.The remaining safety notes that SAP introduced on December 2022 Safety Patch Day cope with medium-severity vulnerabilities in Disclosure Administration, NetWeaver, Options Supervisor, BusinessObjects, Sourcing, and Contract Lifecycle Administration.Associated: SAP Patches Crucial Vulnerabilities in BusinessObjects, SAPUI5Associated: SAP Patches Crucial Vulnerabilities in Commerce, Manufacturing Execution MerchandiseAssociated: SAP Patches Excessive-Severity Flaws in Enterprise One, BusinessObjects, GRCGet the Every day Briefing Most CurrentMost LearnCISA Warns Veeam Backup & Replication Vulnerabilities Exploited in AssaultsGoogle Broadcasts Vulnerability Scanner for Open Supply BuildersExcessive-Severity Reminiscence Security Bugs Patched With Newest Chrome 108 ReplaceSAP’s December 2022 Safety Updates Patch Crucial VulnerabilitiesSafety Companies Warn Microsoft of Signed Drivers Used to Kill EDR, AV ProcessesEU Strikes Nearer to Stitching Up New Knowledge Switch Deal With USApple Patches Zero-Day Vulnerability Exploited In opposition to iPhonesICS Patch Tuesday: Siemens Fixes 80 OpenSSL, OpenSSH Flaws in SwitchesHackerOne Surpasses $230 Million in Paid Bug BountiesPatch Tuesday: Microsoft Plugs Home windows Gap Exploited in Ransomware AssaultsSearching for Malware in All of the Mistaken Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Pc Says About YouBe in a Place to Act By way of Cyber Situational ConsciousnessReport Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice 12 months To Be a Scammer.Do not Let DNS be Your Single Level of FailureThe way to Establish Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so EnticingThe way to Defend In opposition to DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous EnterpriseShare this:FacebookXPrintEmailLinkedInRedditTwitterTumblrPinterestTelegramWhatsApp Business Client BusinessObjects Commerce NetWeaver patch SAP Security Patch Day vulnerability Orbit Brainhttps://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
SAP Patches High-Severity NetWeaver VulnerabilitiesIntroducing the Cyber Security News SAP Patches High-Severity NetWeaver Vulnerabilities.... June 15, 2022 Cyber Security News
Proofpoint: Watch Out for Nighthawk Hacking Tool AbuseIntroducing the Cyber Security News Proofpoint: Watch Out for Nighthawk Hacking Tool Abuse.... November 23, 2022 Cyber Security News
Several Horner PLC Software Vulnerabilities Allow Code Execution via Malicious Font FilesIntroducing the Cyber Security News Several Horner PLC Software Vulnerabilities Allow Code Execution via Malicious Font Files.... October 10, 2022 Cyber Security News
UK Teen Arrested Over Rockstar Games, Uber HacksIntroducing the Cyber Security News UK Teen Arrested Over Rockstar Games, Uber Hacks.... September 27, 2022 Cyber Security News
Five Ways TikTok Is Seen as Threat to US National SecurityIntroducing the Cyber Security News Five Ways TikTok Is Seen as Threat to US National Security.... December 22, 2022 Cyber Security News
2023 ICS Patch Tuesday Debuts With 12 Security Advisories From Siemens, SchneiderIntroducing the Cyber Security News 2023 ICS Patch Tuesday Debuts With 12 Security Advisories From Siemens, Schneider.... January 11, 2023 Cyber Security News
Pantera Capital Plans $250M Solana (SOL) Buy, Analyst Predicts Record Rally Toward $1000March 8, 2024 75
Ethereum Blockchain Now Has A Modernized Version of Bitcoin (BTC) But With A Much Lower SupplyMarch 9, 2024 71