SAP News Overview for August 2021 – August security updates, Acquisition of SwoopTalent, NBA&SAP partnership - Safe O'Clock

SAP News Overview for August 2021 – August security updates, Acquisition of SwoopTalent, NBA&SAP partnership

September 9, 2021

SAP releases August 2021 security updates

On Tuesday 10th August, SAP released a total of 19 new and updated security notes. Three of them have the highest Hot News severity ratings and six are rated high priority.

The most important fix is critical vulnerability CVE-2021-33698 (Unrestricted file upload vulnerability affecting SAP Business One). An attacker could exploit the script loading vulnerability, suggesting that the vulnerability could be exploited to execute arbitrary code.

The vulnerability (CVE-2021-33690) relates to Server Side Request Forgery (SSRF) and affects the NetWeaver development infrastructure. An attacker could exploit a proxy vulnerability by sending specially crafted requests. If the device is available on the Internet, a hacker “could completely compromise sensitive data residing on the server, and impact its availability”.

The third vulnerability with a CVSS score of 9.1 (CVE-2021-33701) is an SQL injection in the SAP NZDT (Near Zero Downtime Technology) service used by S / 4HANA and the DMIS mobile plugin.

Other critical issues include two cross-site scripting (XSS) vulnerabilities [CVE-2021-33702], [CVE-2021-33703], and an SSRF vulnerability [CVE-2021-33705] in the NetWeaver Enterprise Portal. XSS vulnerabilities affect two portal servlets and allow an attacker to inject JavaScript code into the corresponding pages. The code is executed in the victim’s browser when she accesses the compromised servlet.

An SSRF vulnerability allows an unauthorized attacker to make requests to internal or external servers by tricking the user into clicking a malicious link.

NBA Selects RISE with SAP

US basketball league and SAP announced an expanded partnership and cloud computing capabilities. 

The NBA will migrate its SAP cloud software environment, including the HANA Cloud database, to Microsoft Azure. Using the new SAP software, the NBA will be able to modernize several business processes to work more efficiently, and this technology will also improve DTC initiatives and fan interactions.

“The NBA has consistently delivered cutting-edge experiences for fans powered by industry-leading innovation in sports and entertainment,” said Lloyd Adams, SAP North America senior vice president, and managing director of East Region. “We look forward to helping the NBA continue its impressive cloud transformation strategy via RISE with SAP.”

SAP acquires machine learning tech company SwoopTalent

SAP announced that it is acquiring SwoopTalent, the machine learning (ML) and artificial intelligence (AI) based tech company.

Now SAP will be able to embed SwoopTalent’s data, AI, and ML technology across SAP SuccessFactors solutions, which will enhance the human experience management (HXM) systems offered by SAP.

The AI-powered SwoopTalent platform allows to manage data from different HR systems, as well as combine and analyze information to facilitate more effective HR decision-making. With newly-acquired tools, SAP will be able to help customers gain meaningful information that will assist them in their initiatives to improve the skills and retraining of their employees.

“By making workforce data more reliable and accessible, we can help our customers gain powerful insights about their people to effectively upskill, reskill and redeploy talent and future-proof their business. The founders of SwoopTalent are industry thought leaders with proven expertise using data, machine learning and analytics to elevate HR and make organizations more competitive. We are thrilled to have them join SAP to further our HXM strategy.” said Meg Bear, SAP SuccessFactors chief product officer. 

You Might Be Interested In

The latest news in the
sphere of SAP security

SAP News Overview for April 2023 – new SAP office in San Francisco, AMD is SAP customer and others

New SAP office in San Francisco SAP is constantly expanding to make its services available to more customers. The company […]

Read more
SAP Security Notes – May 2023

May 2023 On the 9th of May 2023, SAP Security Patch Day, 18 new Security Notes were released. There were […]

Read more
SAP Security Notes – April 2023

On the 11th of April 2023, SAP Security Patch Day saw the release of 19 new Security Notes. There were […]

Read more
SAP News Overview for March 2023 – Industry Cloud for healthcare, Axfood and others

SAP’s Industry Cloud helps healthcare In life sciences and healthcare, SAP is committed to helping its customers develop and advance […]

Read more

Subscribe today to get more insights,
updates, and industry trends

Delivered to your inbox weekly.
No spam. We respect your privacy

    This website use cookies. Learn more