Number: AV16-121
Date: 22 July 2016
Purpose
The purpose of this advisory is to bring attention to recently published Security Notes by SAP.
Assessment
SAP has released 10 Security Notes as part of their July Security Patch Day designed to address multiple vulnerabilities in several SAP products. Vulnerabilities addressed in the July Security Patch Day Security Notes include: Clickjacking, Cross Site Scripting, Missing Authorization Check, Denial of Service, SQL Injection, Code Injection and Buffer Overflow.
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released update to affected applications accordingly.
References:
http://scn.sap.com/community/security/blog/2016/07/12/sap-security-patch-day--july-2016