SAP Releases Security Updates for August - 20230815002¶
Overview¶
SAP has released security updates that address vulnerabilities in a number of SAP products such as SAP PowerDesigner, SAP BusinessObjects Business Intelligence Suite, SAP Business One and others.
The vulnerabilities pose significant risks to a system's confidentiality, integrity and availability.
What is the vulnerability?¶
There are a total of 16 vulnerabilities addressed ranging from low to critical severity.
For more complete details, please review the post on SAP's blog.
What is vulnerable?¶
The vulnerabilities affect the following products:
- SAP Business One
- SAP BusinessObjects Business Intelligence Platform
- SAP BusinessObjects Business Intelligence Suite
- SAP Commerce
- SAP Commerce Cloud
- SAP Host Agent
- SAP Message Server
- SAP NetWeaver AS ABAP and ABAP Platform
- SAP NetWeaver Process Integration
- SAP PowerDesigner
- SAP Supplier Relationship Management
- SAPUI5
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within the expected time frames recommended in the Patch Management guidelines.