Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
SAP’s Security Snafu: Critical Vulnerabilities Demand Immediate Patching
SAP has patched over a dozen security flaws, including two critical ones, that could let attackers take full control of systems. A “missing authentication check” in SAP BusinessObjects and a server-side request forgery (SSRF) in SAP Build Apps were among the most severe. Patch now…
Hot Take:
Oh SAP, you had one job – to secure your system! Instead, you handed out logon tokens like Oprah giving away cars. “You get a token, you get a token, everybody gets a token!”
Key Points:
- SAP fixed over a dozen security vulnerabilities, including two critical ones.
- The most severe flaw, CVE-2024-41730, has a severity score of 9.8 and affects SAP BusinessObjects Business Intelligence Platform.
- The second critical flaw, CVE-2024-29415, is an SSRF vulnerability in SAP Build Apps, with a severity score of 9.1.
- SAP also patched four high-severity vulnerabilities in various products, including SAP S/4 HANA and SAP Commerce Cloud.
- Cybercriminals are likely to scan for unpatched systems, given SAP’s widespread use among top global companies.
Already a member? Log in here