SAP Security Notes - March 2020 - Safe O'Clock

SAP Security Notes – March 2020

March 10, 2020

On the 10th of March 2020, SAP Security Patch Day saw the release of 18 Security Notes.

Notes by severity

HotNews 4
Correction with high priority 4
Correction with medium priority 9
Correction with low priority 1

Highlights

On March Patch Day SAP presents 8 high-severity Notes with 4 of them rated as HotNews.

We will start our digest today from Security Note 2622660Security updates for the browser control Google Chromium delivered with SAP Business Client – with a CVSS Score of 10. Chromium systems update was proved to be essential due to their complexity and high possibility of becoming the target for a potential attack.

There is another Note with the highest CVSS Score possible – Security Note 2890213Missing Authentication Check in SAP Solution Manager – with a CVSS Score of 10. Due to the lack of performing any authentication for a service resulting in the complete compromise of all SMDAgents connected to the Solution Manager, the risk of systems integrity compromise is stated to be a severe threat.

The more specific Note of SAP Solution Manager security was dedicated to Diagnostics Agent. The Security Note 2845377Missing Authentication check in SAP Solution Manager (Diagnostics Agent) – with a CVSS Score of 9.8. Diagnostics Agent allows P4 connections from unauthenticated sources to an insecure Server port. This allows an attacker to control all remote functions on the Agent, as a result, sensitive data could be accessed and modified.

 

You Might Be Interested In

The latest news in the
sphere of SAP security

SAP Security Notes – May 2024

On the 14th of May 2024, SAP Security Patch Day saw the release of 14 new Security Notes. There were […]

Read more
SAP Security Notes – April 2024

On the 9th of April 2024, SAP Security Patch Day saw the release of 10 new Security Notes. There were […]

Read more
SAP News Overview for March 2024

SAP and NVIDIA partnership Another SAP partnership has benefited from the use of artificial intelligence. SAP SE and NVIDIA announced […]

Read more
SAP Security Notes – March 2024

On the 13th of February 2024, SAP Security Patch Day saw the release of 10 new Security Notes. There were […]

Read more

Subscribe today to get more insights,
updates, and industry trends

Delivered to your inbox weekly.
No spam. We respect your privacy

    This website use cookies. Learn more
    OK