SAP Family May 2024 Routine Security Update Advisory

Overview

 

We have released an update to fix vulnerabilities in CACTI, a network equipment operations monitoring and fault management framework. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

CVE-2024-28165

  • SAP Business Objects Business Intelligence Platform versions 430 and 440

 

CVE-2024-33006

  • SAP NetWeaver Application Server ABAP and ABAP Platform SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758

 

Resolved Vulnerabilities

 

Stored XSS vulnerability in SAP Business Objects Business Intelligence Platform (CVE-2024-28165)

File upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform (CVE-2024-33006)

 

Vulnerability Patches

 

Patches for these vulnerabilities are available in the latest updates. Follow the instructions on the referenced site [1] to update to the latest patched version.

 

Referenced Sites

 

[1] SAP Security Patch Day – May 2024

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2024.html

[2] CVE-2024-28165

https://www.cve.org/CVERecord?id=CVE-2024-28165

[3] CVE-2024-33006

https://www.cve.org/CVERecord?id=CVE-2024-33006