Number: AV22-014
Date: 11 January 2022
On 11 January 2022 SAP published Security Advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- SAP Customer Checkout
- SAP BTP Cloud Foundry
- SAP Landscape Management
- SAP Connected Health Platform 2.0 - Fhirserver
- SAP HANA XS Advanced Cockpit
- SAP NetWeaver Process Integration (Java Web Service Adapter)
- SAP HANA XS Advanced
- Internet of Things Edge Platform
- SAP BTP Kyma
- SAP Enable Now Manager
- SAP Cloud for Customer (add-in for Lotus notes client)
- SAP Localization Hub, digital compliance service for India
- SAP Edge Services On Premise Edition
- SAP Edge Services Cloud Edition
- SAP BTP API Management (Tenant Cloning Tool)
- SAP NetWeaver ABAP Server and ABAP Platform (Adobe LiveCycle Designer 11.0)
- SAP Digital Manufacturing Cloud for Edge Computing
- SAP Enterprise Continuous Testing by Tricentis
- SAP Cloud-to-Cloud Interoperability
- Reference Template for enabling ingestion and persistence of time series data in Azure
- SAP Business One
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
SAP Security Patch Day – January 2022
Active Exploitation of Apache Log4j Vulnerability (AL21-019)