SAP Cyber Threat Intelligence report – January 2019

The SAP threat landscape is constantly expanding, putting organizations of all sizes and industries at risk of cyberattacks. The monthly SAP Cyber Threat Intelligence report provides insight into the latest security vulnerabilities and threats.

Key takeaways

  • The first set of SAP Security Notes of 2019 consists of 18 patches.
  • Two of the released SAP Security Notes were rated Hot News.
  • The most severe security issue has a CVSS base score of 9.3 (out of 10).
  • This month, Cross-Site Scripting is the most common vulnerability type.
  • The SAP NetWeaver ABAP platform accounts for most of the vulnerabilities fixed this month.

SAP Security Notes – January 2019

SAP has released the monthly critical patch update for January 2019. This patch update closes 18 SAP Security Notes (11 SAP Patch Day Notes and 7 Support Package Notes). One of the patches is an update to previously released Security Notes.

Two of the released SAP Security Notes are Hot News, with the highest CVSS base scores of 9.3 and 9.1. Below is a chart that illustrates the distribution of SAP Security Notes by priority.

SAP Security Notes Distribution by Priority (August 2018 – January 2019)

As seen from the chart, there was a slight increase in the number of security notes compared to the previous two months. SAP continues patching Hot News issues.

This time, Cross-Site Scripting has become the largest group in terms of the number of vulnerabilities, and Implementation Flaw has taken second place.

SAP Security Notes Distribution by Vulnerability Type – January 2019

61% (11) of all vulnerabilities belong to the SAP NetWeaver ABAP platform, as the pie chart shows:

Affected Platforms – January 2019

SAP users are advised to apply security patches as they are released, as this helps protect the SAP landscape.

Critical issues closed by SAP Security Notes in January

The following SAP Security Notes address the most severe vulnerabilities of this update:

  • 2696233: SAP Cloud Connector has several vulnerabilities (CVSS Base Score: 9.3; CVE-2019-0246, CVE-2019-0247). An attacker can use a missing authentication vulnerability to gain access to a service and read, modify or delete information. In addition, he or she could use administrative or privileged functionality.
    The attacker can also use an OS command execution vulnerability to execute operating system commands without authorization. Executed commands run with the same privileges as the service that executed them. The attacker can access arbitrary files and directories located in the SAP server filesystem, including application source code, configuration, and critical system files. This allows the attacker to obtain critical technical and business-related information stored in a vulnerable SAP system.
    Install this SAP Security Note to prevent the risks.
  • 2727624: SAP Landscape Management has an Information Disclosure vulnerability (CVSS Base Score: 9.1; CVE-2019-0249). An attacker can use an information disclosure vulnerability to reveal additional information (e.g., system data, debugging information, etc.) that will help to explore the system and plan other attacks.
    Install this SAP Security Note to prevent the risks.
  • 2724788: Adobe PDF Print Library has multiple vulnerabilities (CVSS Base Score: 7.3). Depending on the vulnerability, an implementation flaw can result in unpredictable behavior and issues related to system stability and safety. Patches correct configuration errors, add new functionality and improve system stability.
    Install this SAP Security Note to prevent the risks.
