SAP News Overview for July 2022 - Safe O'Clock

SAP News Overview for July 2022

August 19, 2022

SAP releases July 2022 security updates

 On 12th of July 2022, SAP released 20 new and 3 updated Security Notes. There are no hot news notes this month, but there are four high priority notes: one of which affects SAP BusinessObjects and three of which affect Business One.

The most severe of these issues is CVE-2022-35228 (CVSS Score 8.3), an information disclosure vulnerability in the BusinessObjects Business Intelligence Platform Central Management Console. The vulnerability allows an unauthenticated attacker to obtain information about tokens over a network that would otherwise be limited. Fortunately, such an attack would also require a legitimate user to access the application. With successful exploitation, an attacker can completely compromise the application.

The first of the high-severity CVSS 7.6 bugs affecting Business One is an information disclosure flaw (CVE-2022-32249), which allows a privileged attacker to gain access to sensitive information that could be used in subsequent attacks, such as login credentials. data.

The second issue in Business One is a missing authorization check (CVE-2022-28771), which allows an unauthenticated attacker to compromise an application using malicious HTTP requests sent over the network.

The third bug in Business One is a code injection vulnerability (CVE-2022-31593) that allows a low-privileged attacker to control the behavior of an application. All other vulnerabilities are classified as medium or low.

 

SAP Acquires Askdata

SAP announced that it has acquired Askdata, a startup focused on search-driven analytics.

With the acquisition of Askdata, SAP is strengthening its AI-powered natural language search capabilities. The Askdata IP address will become part of the SAP Business Technology Platform and will contribute to a next-generation lightweight analytics experience for SAP Analytics cloud and business application customers.

Irfan Khan, President and Chief Product Officer of SAP HANA Database & Analytics, stated: “The ability to cater to a wide range of user profiles will be the primary driver of data and analytics adoption. Askdata provides SAP with a path to lead this transition to the benefit of our customers.”

 

 

 

You Might Be Interested In

The latest news in the
sphere of SAP security

SAP Security Notes – February 2024

On the 13th of February 2024, SAP Security Patch Day saw the release of 13 new Security Notes. There were […]

Read more
SAP Security Notes – January 2024

On the 9th of January 2024, SAP Security Patch Day saw the release of 10 new Security Notes. There were […]

Read more
SAP Security Notes – December 2023

On the 12th of December 2023, SAP Security Patch Day saw the release of 15 new Security Notes. There were […]

Read more
SAP Security Notes – November 2023

On the 14th of November 2023, SAP Security Patch Day saw the release of 3 new Security Notes. There were […]

Read more

Subscribe today to get more insights,
updates, and industry trends

Delivered to your inbox weekly.
No spam. We respect your privacy

    This website use cookies. Learn more
    OK