December 10, 2024 at 08:57AM SAP released nine new and four updated security notes on December 2024 Security Patch Day, addressing critical vulnerabilities in NetWeaver AS for Java. Notably, CVE-2024-47578 poses a significant risk of complete system compromise. Users are urged to implement the security updates promptly, although there are no known active exploits. ### … Read more
November 12, 2024 at 08:24AM On November 2024 patch day, SAP released eight security notes, notably addressing a high-severity vulnerability in Web Dispatcher. This update highlights their ongoing efforts to enhance security measures. The information was reported by SecurityWeek. **Meeting Takeaways:** 1. **New Security Notes Released**: SAP has issued a total of eight new security … Read more
July 9, 2024 at 10:21AM SAP released 16 new and 2 updated security notes for July 2024, addressing high-severity vulnerabilities in PDCE and SAP Commerce. The PDCE bug (CVE-2024-39592) could allow unauthorized data access, while the SAP Commerce issue (CVE-2024-39597) could enable access to improperly configured sites. 15 medium-severity issues in various SAP products were … Read more