Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

SAP Security Notes - July 2016

Number: AV16-121
Date: 22 July 2016

Purpose

The purpose of this advisory is to bring attention to recently published Security Notes by SAP.

Assessment

SAP has released 10 Security Notes as part of their July Security Patch Day designed to address multiple vulnerabilities in several SAP products. Vulnerabilities addressed in the July Security Patch Day Security Notes include: Clickjacking, Cross Site Scripting, Missing Authorization AuthorizationAccess privileges granted to a user, program, or process. Check, Denial of Service, SQL Injection, Code Injection Code injectionIntroducing malicious code into a computer program by taking advantage of a flaw in the program, or in the way it interprets data input by users. and Buffer Overflow.

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released update to affected applications accordingly.

References:

http://scn.sap.com/community/security/blog/2016/07/12/sap-security-patch-day--july-2016

Date modified: