SAP August 2020 Patch Day
On the 11th of August 2020, SAP has released security updates and fixed vulnerabilities, some of which are critical. The most dangerous vulnerability was identified as CVE-2020-6284 and has a critical rating on a severity scale of 9/10. It is located in the knowledge management component of NetWeaver AS, and is a cross-site scripting (XSS) issue. The same component received a fix to allow unlimited file uploads (CVE-2020-6293). In SAP Business Services, the developer has patched the CVE-2020-6298 vulnerability with a slightly lower score of 8.3 related to Missing Authorization. Several versions of NetWeaver (ABAP Server) and ABAP Platform have a code injection vulnerability (CVE-2020-6296) with a severity of 8.3. SAP provides fixes for another missing authentication check (CVE-2020-6309) found in various NetWeaver AS Java components (EngineAPI, WSRM, ServerCore, and J2EE-FRMW).
Another vulnerability with 7/10 CVSS relates to Information Disclosure (CVE-2020-6295) in SAP Adaptive Server Enterprise version 16.0.
SAP customers can find out the details by logging into their account on the SAP ONE Support Launchpad.
The HPE and SAP GreenLake partnership as a “huge opportunity” for partners
The new version of SAP HANA Enterprise Cloud, delivered through HPE GreenLake, will help customers leverage the power of the cloud and work with their SAP landscape on-premises, facilitating the transition to SAP S / 4HANA.
HPE will provide the delivery, installation, and administration of the infrastructure, while SAP will provide application management services and its integration expertise from the operating system to databases and the cloud. SAP will begin actively selling HPE GreenLake cloud service in Q4, with deliveries expected in Q1 2021. The new version of SAP HANA Enterprise Cloud will have an optimized architecture based on reliable high-performance infrastructure. It will include computing, networking, and storage technologies certified and preconfigured for SAP software.
This partnership will be the continuation of a longstanding relationship between HPE and SAP. In addition, SAP chose HPE as a partner because of the company’s global presence and trust in its established brand among their mutual customers.
SAP Named Leader in Gartner 2020 Magic Quadrant in Several Categories
Gartner named SAP a Leader in the July 2020 Magic Quadrant for Sales Force Automation. This is the second consecutive year of SAP recognition.
In August 2020, SAP was named the Magic Quadrant for Digital Commerce Leader by Gartner for the sixth time in a row. SAP Commerce Cloud supports B2C and B2B use cases with a single platform that delivers the best commerce solutions. In August, Gartner also named SAP a Leader in the Magic Quadrant for Data Integration Tools. 13th time undermined SAP becomes the leader in this area.
We believe that this latest recognition from Gartner shows that SAP is enabling organizations to use our comprehensive data integration solutions as critical elements in becoming an intelligent enterprise.
Andreas Wesselmann, senior vice president, SAP HANA & Analytics, Data Management & Platform at SAP
