SAP News Overview for July 2022 - July security updates, Acquisition of Askdata - Safe O'Clock

SAP News Overview for July 2022 – July security updates, Acquisition of Askdata

August 19, 2022

SAP releases July 2022 security updates

 On 12th of July 2022, SAP released 20 new and 3 updated Security Notes. There are no hot news notes this month, but there are four high priority notes: one of which affects SAP BusinessObjects and three of which affect Business One.

The most severe of these issues is CVE-2022-35228 (CVSS Score 8.3), an information disclosure vulnerability in the BusinessObjects Business Intelligence Platform Central Management Console. The vulnerability allows an unauthenticated attacker to obtain information about tokens over a network that would otherwise be limited. Fortunately, such an attack would also require a legitimate user to access the application. With successful exploitation, an attacker can completely compromise the application.

The first of the high-severity CVSS 7.6 bugs affecting Business One is an information disclosure flaw (CVE-2022-32249), which allows a privileged attacker to gain access to sensitive information that could be used in subsequent attacks, such as login credentials. data.

The second issue in Business One is a missing authorization check (CVE-2022-28771), which allows an unauthenticated attacker to compromise an application using malicious HTTP requests sent over the network.

The third bug in Business One is a code injection vulnerability (CVE-2022-31593) that allows a low-privileged attacker to control the behavior of an application. All other vulnerabilities are classified as medium or low.

 

SAP Acquires Askdata

SAP announced that it has acquired Askdata, a startup focused on search-driven analytics.

With the acquisition of Askdata, SAP is strengthening its AI-powered natural language search capabilities. The Askdata IP address will become part of the SAP Business Technology Platform and will contribute to a next-generation lightweight analytics experience for SAP Analytics cloud and business application customers.

Irfan Khan, President and Chief Product Officer of SAP HANA Database & Analytics, stated: “The ability to cater to a wide range of user profiles will be the primary driver of data and analytics adoption. Askdata provides SAP with a path to lead this transition to the benefit of our customers.”

 

 

 

You Might Be Interested In

The latest news in the
sphere of SAP security

SAP News Overview for April 2023 – new SAP office in San Francisco, AMD is SAP customer and others

New SAP office in San Francisco SAP is constantly expanding to make its services available to more customers. The company […]

Read more
SAP Security Notes – May 2023

May 2023 On the 9th of May 2023, SAP Security Patch Day, 18 new Security Notes were released. There were […]

Read more
SAP Security Notes – April 2023

On the 11th of April 2023, SAP Security Patch Day saw the release of 19 new Security Notes. There were […]

Read more
SAP News Overview for March 2023 – Industry Cloud for healthcare, Axfood and others

SAP’s Industry Cloud helps healthcare In life sciences and healthcare, SAP is committed to helping its customers develop and advance […]

Read more

Subscribe today to get more insights,
updates, and industry trends

Delivered to your inbox weekly.
No spam. We respect your privacy

    This website use cookies. Learn more
    OK