SAP Security Notes - April 2019 - Safe O'Clock

SAP Security Notes – April 2019

April 9, 2019

On the 9th of April 2019, SAP Security Patch Day saw the release of 8 Security Notes.

Notes by severity

HotNews 1
Correction with high priority 1
Correction with medium priority 6
Correction with low priority 0

Highlights

On April Patch Day SAP presents 1 HotNews Security Note and 1 high-severity Note.

Starting with the first HotNews Note 2622660Security updates for the browser control Google Chromium delivered with SAP Business Client – with a CVSS Score of 9.9. This security note addresses various flaws in the Chromium third-party web browser control, which is a component of the SAP Business Client. This message will be updated on a regular basis in accordance with Chromium’s open source web browser releases.

The last is high-severity Note 2747683SAP NetWeaver Process Integration (Adapter Engine) vulnerable to Digital Signature Spoofing – with a CVSS Score of 7.1. By using the PI Axis adapter, it is possible to forge XML signatures and make arbitrary queries to the server. Even if the payload has been changed, the PI Axis adapter will still accept these requests, especially if the signed element is the body of the XML file.

You Might Be Interested In

The latest news in the
sphere of SAP security

SAP News Overview for April 2023 – new SAP office in San Francisco, AMD is SAP customer and others

New SAP office in San Francisco SAP is constantly expanding to make its services available to more customers. The company […]

Read more
SAP Security Notes – May 2023

May 2023 On the 9th of May 2023, SAP Security Patch Day, 18 new Security Notes were released. There were […]

Read more
SAP Security Notes – April 2023

On the 11th of April 2023, SAP Security Patch Day saw the release of 19 new Security Notes. There were […]

Read more
SAP News Overview for March 2023 – Industry Cloud for healthcare, Axfood and others

SAP’s Industry Cloud helps healthcare In life sciences and healthcare, SAP is committed to helping its customers develop and advance […]

Read more

Subscribe today to get more insights,
updates, and industry trends

Delivered to your inbox weekly.
No spam. We respect your privacy

    This website use cookies. Learn more
    OK