SAP Family March 2024 Routine Security Update Advisory

Overview

 

An update has been made available to address vulnerabilities in SAP products. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

CVE-2023-44487

  • SAP HANA Database version 2.0
  • SAP HANA Extended Application Services Advanced (XS Advanced) version 1.0

 

CVE-2019-10744

  • SAP Build Apps prior to 1.6.145

 

CVE-2023-50164

  • SAP BusinessObjects Business Intelligence Platform (Central Management Console) version 4.3

 

CVE-2023-39439

  • SAP Commerce versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211

 

CVE-2024-22127

  • SAP NetWeaver AS Java (Administrator Log Viewer plug-in) version 7.50

 

Resolved Vulnerabilities

 

  • DoS vulnerability in SAP HANA XS Classic and HANA XS Advanced (CVE-2023-44487)
  • Code injection vulnerability in applications built with SAP Build Apps (CVE-2019-10744)
  • Path traversal vulnerability in SAP BusinessObjects Business Intelligence Platform (Central Management Console) (CVE-2023-50164)
  • Incorrect authentication vulnerability in SAP Commerce Cloud (CVE-2023-39439)
  • Code injection vulnerability in SAP NetWeaver AS Java (CVE-2024-22127)

 

Vulnerability Patches

 

Vulnerability patches were made available in the March 12, 2024 update. Please follow the referenced site [1] to update to the latest patched version.

 

Referenced Sites

 

[1] SAP Security Patch Day – March 2024
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2024.html