SAP Product Security Update Advisory

Aug 14 2024

Overview

An update has been released to address vulnerabilities in SAP products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-41730

SAP BusinessObjects Business Intelligence Platform versions: Enterprise 430, 440

CVE-2024-29415

SAP Build Apps version: ~ 4.11.130 (excluded)

Resolved Vulnerabilities

Missing authentication check vulnerability in SAP BusinessObjects Business Intelligence Platform (CVE-2024-41730)

SSRF vulnerability in applications built with SAP Build Apps (CVE-2024-29415)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available with the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-41730

Security patch provided separately, see Referenced Sites[3] to update

CVE-2024-29415

SAP Build Apps version: 4.11.130

References

[1] CVE-2024-41730 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-41730

[2] CVE-2024-29415 Detai

https://nvd.nist.gov/vuln/detail/CVE-2024-29415

[3] sap/notes/3478478

detail https://me.sap.com/notes/3479478

[4] sap/notes/3477196

https://me.sap.com/notes/3477196

SAP Product Security Update Advisory

ManageEngine (ADAudit Plus, ADAudit Plus, and others) Family August 2024 Security Update Advisory

MS Family August 2024 Routine Security Update Advisory

Tags:

ManageEngine (ADAudit Plus, ADAudit Plus, and others) Family August 2024 Security Update Advisory

MS Family August 2024 Routine Security Update Advisory