SAP blasts critical software problems in patch update

SAP has issued a round of fixes to plug security flaws discovered in the company’s software and solutions.

sap-security-fixes-zdnet.jpg

According to the tech giant’s security advisory, the update fixes four denial-of-service security flaws, two directory traversal and missing authorisation checks, a single cross-site scripting vulnerability, and one SQL injection issue.

In addition, SAP fixed three other security problems but no details have been released on their substance — or any detailed explanation of the vulnerabilities mentioned above.

See also: SAP to double down on cybersecurity strategy

The company also updated 13 security fixes issued in July.

In total, 11 researchers reported the problems fixed in the August patch round, including Core Security’s Martin Gallo, Core Security, Martin Gallo from Devoteam and Onapsis’ Sergio Abraham.

In May, SAP announced a reshuffle of executive ranks to better target small and medium-sized businesses.

More security news