SAP Security Notes - March 2020 - Safe O'Clock

SAP Security Notes – March 2020

March 10, 2020

On the 10th of March 2020, SAP Security Patch Day saw the release of 18 Security Notes.

Notes by severity

HotNews 4
Correction with high priority 4
Correction with medium priority 9
Correction with low priority 1

Highlights

On March Patch Day SAP presents 8 high-severity Notes with 4 of them rated as HotNews.

We will start our digest today from Security Note 2622660Security updates for the browser control Google Chromium delivered with SAP Business Client – with a CVSS Score of 10. Chromium systems update was proved to be essential due to their complexity and high possibility of becoming the target for a potential attack.

There is another Note with the highest CVSS Score possible – Security Note 2890213Missing Authentication Check in SAP Solution Manager – with a CVSS Score of 10. Due to the lack of performing any authentication for a service resulting in the complete compromise of all SMDAgents connected to the Solution Manager, the risk of systems integrity compromise is stated to be a severe threat.

The more specific Note of SAP Solution Manager security was dedicated to Diagnostics Agent. The Security Note 2845377Missing Authentication check in SAP Solution Manager (Diagnostics Agent) – with a CVSS Score of 9.8. Diagnostics Agent allows P4 connections from unauthenticated sources to an insecure Server port. This allows an attacker to control all remote functions on the Agent, as a result, sensitive data could be accessed and modified.

 

You Might Be Interested In

The latest news in the
sphere of SAP security

SAP News Overview for April 2023 – new SAP office in San Francisco, AMD is SAP customer and others

New SAP office in San Francisco SAP is constantly expanding to make its services available to more customers. The company […]

Read more
SAP Security Notes – May 2023

May 2023 On the 9th of May 2023, SAP Security Patch Day, 18 new Security Notes were released. There were […]

Read more
SAP Security Notes – April 2023

On the 11th of April 2023, SAP Security Patch Day saw the release of 19 new Security Notes. There were […]

Read more
SAP News Overview for March 2023 – Industry Cloud for healthcare, Axfood and others

SAP’s Industry Cloud helps healthcare In life sciences and healthcare, SAP is committed to helping its customers develop and advance […]

Read more

Subscribe today to get more insights,
updates, and industry trends

Delivered to your inbox weekly.
No spam. We respect your privacy

    This website use cookies. Learn more
    OK