SAP releases June 2021 security updates
Tuesday 8th June SAP released a total of 17 new and 2 updated security notes. Two of them have the highest Hot News severity ratings. SAP NetWeaver received the largest number of fixes.
CVE-2021-27602 – the most critical note of the month (with CVSS 9.9) is the update for the remote code execution vulnerability, in which only an updated link to the FAQ document was added.
CVE-2021-27610 – Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform. This vulnerability could be used to trick the gateway components of NetWeaver AS to gain full access. Note received a CVSS of 9.
CVE-2021-27635 – missing XML validation vulnerability in SAP NetWeaver AS Java with CVSS score 8.6 was fixed. This lack of validation allows a user who is authenticated as an administrator to connect over the network and send a malicious XML file. In addition, processing the file could compromise the availability of the system and cause it to crash.
SAP Security Notes #3021197, #3020209 and #3020104 with a CVSS rating of 7.5 fix 11 vulnerabilities that could cause memory corruption in the SAP Gateway process.
SAP announced the largest global business network
SAP Business Network will combine Ariba Network, SAP Logistics Business Network and SAP Asset Intelligence Network. It will help more than 5.5 million companies operate more efficiently, better navigate changing economic and geopolitical conditions, and contribute to the sustainable development of the global economy.
The new SAP Business Network ecosystem will be a unique tool – companies doing business together will have access to a single unified portal and form a holistic perception of the entire supply chain, logistics, product traceability, and equipment management and maintenance.
SAP today announced the RISE with SAP industry-specific bundled offering. Industry-specific cloud solutions will become available in five areas – for retail, consumer goods, automotive, utilities, and industrial equipment and components.
SAP announced a portfolio of new sustainability-specific products:
The SAP Responsible Design and Production solution will enable specialists to make rational decisions at all stages – from the development of the product concept to its production. SAP Product Footprint Management will track sustainability aspects throughout the entire product lifecycle, while SAP Sustainability Control Tower will provide process transparency.
100 solutions for startups SAP.iO available in the SAP Store
The solutions presented in the SAP Store integrate with or expand on major SAP products to meet industry-specific customer needs.
“Startups are able to scale faster through access to SAP’s customers, and SAP is building the next-generation partner ecosystem. We’ve been able to create a ‘win-win-win’ situation” said Alexa Gorman, SVP, global head of SAP.iO Foundries & Intrapreneurship.