SAP Security Notes Review: June 2019

SAP Security Notes Review June 2019

Share This Post

SAP’s security patch day for June 2019 has seen the release of 12 SAP security notes with only one High and no critical CVSS v3.0 Rating.

SAP Security notes by CVSS v3 Base Score June 2019

Four security notes in June 2019 refer to NetWeaver PI. Two have been released for Solution Manager 7.2. In addition to that, another two have been released for SAP Business Objects and Inventory Manager. The others are spread across a range of products including SAP HANA XS and CRM.

SAP Security notes by product category June 2019

 

Critical and High Vulnerabilities: June 2019 Highlights

SAP Solution Manager 7.2

One high rated vulnerability has been identified and corrected in SAP Solution Manager 7.2.

This sap note SAP Note 2748699 fixes insufficient protection of files containing user and password information.

Other Vulnerabilities

There are further medium vulnerabilities affecting SAP NetWeaver AS ABAP and NetWeaver PI which will affect a broad range of customers using almost any current ABAP based SAP product – these cover a broad range of SAP Kernels and a common software component. Probably worth checking these for your organisation!

 

About this review

On the second Tuesday of each month, SAP release security updates to their software products.  At Absoft, we analyse all of the released security updates and produce this security review, including sending bespoke recommendations for each of our managed service customers.

There is more information on how we handle SAP security updates, including information on SAP’s process, the CVE process and the CVSS base scores in our earlier article on addressing security vulnerabilities in SAP software.

SAP Security Notes patching June 2019

Search by a topic below...

Read our latest articles...

Didn’t find what you are looking for? Send us your questions.

We are here to help.
Colleagues at work at Absoft SAP Consultancy