SAP Cyber Threat Intelligence report – June 2018

The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyber attacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest security vulnerabilities and threats.

Key takeaways

• June’s set of SAP Security Notes consists of 14 patches with the majority of them rated medium.
• The most common vulnerability types are Cross-Site Scripting and Remote Command Execution.

SAP Security Notes – June 2018

SAP has released the monthly critical patch update for June 2018. This patch update closes 14 SAP Security Notes (10 SAP Security Patch Day Notes and 4 Support Package Notes). 5 of all the patches are updates to previously released Security Notes.

2 of all the patches are updates to the previously released Security Notes.

7 of all the notes is released after the second Tuesday of the previous month and before the second Tuesday of this month.

This month, the most common vulnerability types are considered Cross-Site Scripting and Remote Command Execution.

SAP users are recommended to implement security patches as they are released as it helps protect the SAP landscape.

Critical issues closed by SAP Security Notes in June

The most dangerous vulnerabilities of this update can be patched with the help of the following SAP Security Notes:

• 2588475: SAP Business One has an Information Disclosure vulnerability (CVSS Base Score: 8.4 CVE-2018-2425 ). An attacker can use Information disclosure vulnerability for revealing additional information (system data, debugging information, etc) which will help to learn about a system and to plan other attacks.
  Install this SAP Security Note to prevent the risks.
• 2626762: SAP Internet Sales has a Remote Command Execution (RCE) vulnerability (CVSS Base Score: 7.5 CVE-2015-0899). An attacker can use a Remote Command Execution vulnerability for unauthorized execution of commands remotely. Executed commands will run with a same privileges of a service that executed a command. An attacker can access to arbitrary files and directories located in a SAP-server filesystem including application source code, configuration and critical system files. It allows to obtain critical technical and business-related information stored in a vulnerable SAP-system.
  Install this SAP Security Note to prevent the risks.
• 2629535: SAP Internet Sales has a Denial of service (DoS) vulnerability (CVSS Base Score: 7.3 CVE-2014-0050 ). An attacker can use Denial of service vulnerability for terminating a process of vulnerable component. For this time nobody can use this service, this fact negatively influences on a business processes, system downtime and business reputation as result.
  Install this SAP Security Note to prevent the risks.

Advisories for these SAP vulnerabilities with technical details will be available in three months on erpscan.com. Exploits for the most critical vulnerabilities are already available in ERPScan Security Monitoring Suite.

The post SAP Cyber Threat Intelligence report – June 2018 appeared first on ERPScan.