SAP releases May 2022 security updates
On 10th of May 2022, SAP released 8 new security notes and 4 updates to previously published Patch Day security notes. Four notes relate to a recent Spring4Shell vulnerability.
All HotNews notes released in May are patches for a critical remote code execution vulnerability in SpringFramework that was discovered in March 2022 and is known as the Spring4Shell vulnerability.
Tracked as CVE-2022-22965 and affecting the widely used Spring Java framework, the security hole can lead to remote code execution, and security researchers have already observed attempts to use it in attacks.
The May updates include two high-priority security notes that address a cross-site scripting (XSS) issue in the Web Dispatcher and NetWeaver administration UI (CVE-2022-27656, CVSS score 8.3) and information disclosure in BusinessObjects (CVE-2022- 28214, CVSS score 7.8).
SAP and Accenture announced a new joint offering for large enterprises
Accenture and SAP announced a new joint offering to help large enterprises move to the cloud and innovate continuously. The offering combines the RISE solution with SAP with the services available via SOAR with Accenture and enhances them with new features spanning the Accenture Transformation Suite. These include proprietary intelligence tools and customized cloud services provided as a service.
The new joint offer was showcasing the RISE with SAP and SOAR with Accenture offering at SAP SAPphire, an event hosted by SAP in Orlando from May 10-12, 2022.