Number: AV16-099
Date: 15 June 2016
Purpose
The purpose of this advisory is to bring attention to recently published Security Notes by SAP.
Assessment
SAP has released 13 Security Notes as part of their June Security Patch Day designed to address multiple vulnerabilities (including 1 critical, 3 high) in several SAP products. Two updates are also available relating to previously released Patch Day Security Notes. Vulnerabilities addressed in the June Security Patch Day Security Notes include: Cross Site Scripting, Missing Authorization Check, Denial of Service, Information Disclosure, and Code Injection .
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released update to affected applications accordingly.
References: