Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

SAP Issues Critical Patches for Products

August 14, 2024
Reading Time: 2 mins read
in Alerts

On August 13, 2024, SAP released a comprehensive set of security updates addressing 25 vulnerabilities as part of its August Security Patch Day. This release includes 17 new security notes and eight updates to existing notes, focusing on critical flaws across various SAP products. Among these, two vulnerabilities have been flagged as ‘hot news’ due to their severe impact. The first, tracked as CVE-2024-41730, involves a missing authentication check in the BusinessObjects Business Intelligence platform, potentially allowing attackers to gain unauthorized access and compromise the entire system.

The second critical issue, identified as CVE-2024-29415, is a server-side request forgery (SSRF) bug found in the Node.js library used in Build Apps. This flaw could be exploited to manipulate server requests, and SAP recommends that all applications built with Build Apps be updated to version 4.11.130 or later to mitigate the risk. The release also addresses high-severity vulnerabilities in several other SAP products, including an XML injection flaw in BEx Web, a prototype pollution bug in S/4 HANA, and an information disclosure issue in Commerce Cloud.

Additionally, SAP updated a previous security note from June 2024 to address a denial-of-service (DoS) vulnerability in NetWeaver AS Java, which impacts the Meta Model Repository. The update resolves the issue and helps prevent potential service disruptions. The remaining 19 security notes cover medium-severity vulnerabilities, including those that could lead to information disclosure, privilege escalation, code injection, and data deletion.

Organizations using SAP products are urged to review and apply these patches without delay to protect their systems from potential threats. As vulnerabilities in SAP software have been known targets for attackers, timely patching is crucial to maintaining security and mitigating risks associated with these newly discovered flaws.

Reference:

  • SAP Issues Critical Security Patches for BusinessObjects and Build Apps
Tags: AugustAugust 2024Cyber AlertsCyber Alerts 2024Cyber threatsSAPsecurity updatesVulnerabilities
ADVERTISEMENT

Related Posts

PyPI Warns of Email Phishing Attack

NOVABLIGHT Steals Logins and Crypto

August 1, 2025
PyPI Warns of Email Phishing Attack

PyPI Warns of Email Phishing Attack

August 1, 2025
PyPI Warns of Email Phishing Attack

Dahua Camera Flaws Enable Remote Hacking

August 1, 2025
Hackers Spread JSCEAL via Fake Crypto Apps

Choicejacking Attack Steals Phone Data

July 31, 2025
Hackers Spread JSCEAL via Fake Crypto Apps

Hackers Exploit WordPress Theme Flaw

July 31, 2025
Hackers Spread JSCEAL via Fake Crypto Apps

Hackers Spread JSCEAL via Fake Crypto Apps

July 31, 2025

Latest Alerts

Dahua Camera Flaws Enable Remote Hacking

NOVABLIGHT Steals Logins and Crypto

PyPI Warns of Email Phishing Attack

Choicejacking Attack Steals Phone Data

Hackers Exploit WordPress Theme Flaw

Hackers Spread JSCEAL via Fake Crypto Apps

Subscribe to our newsletter

    Latest Incidents

    Everest Ransomware Hits Mailchimp

    Cyberattack Hits French Natural History Museum

    Russia Faces Second Major Cyberattack

    SafePay Ransomware Threatens Ingram Micro

    Minnesota State Capital Under Cyberattack

    GLOBAL GROUP Ransomware Hits Albavisión

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial