SAP released 14 new and updated Security Notes, including four HotNews Notes and three High Priority notes.
Onapsis Research Labs (ORL) supported SAP in patching three vulnerabilities in total, including High Priority Note #3256571 and SAP Security Note #3238042, as a result of continuous Onapsis security research.
ORL found that the affected application allows an unauthenticated attacker to craft a legitimate-looking URL which, when clicked, redirects the victim to a malicious site. This can result in disclosure or modification of the victim's information.
Thomas Fritsch, SAP security researcher at Onapsis, provided insight on these patches, including:
- SAP Security Note #3243924, tagged with a CVSS score of 9.9, patches a vulnerability in SAP BusinessObjects Business Intelligence Platform (Central Management Console and BI Launchpad) that is caused by an insecure deserialization of untrusted data. Some of the SAP BusinessObjects BI workflows allow an authenticated attacker, with low privileges, to intercept a serialized object in the parameters and substitute it with a malicious serialized one.
- SAP Security Note #3249990, tagged with a CVSS score of 9.8, patches two vulnerabilities in the SQLite library that is included in the SAPUI5 framework. These vulnerabilities enabled a remote attacker with minimal privileges to exploit SQLite. This had the potential for considerable impact on the confidentiality, integrity, and availability of all applications using SAPUI5.
- SAP Security Note #3263436, tagged with a CVSS score of 7.0, patches an Arbitrary Code Execution vulnerability in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer. Arbitrary code execution can be triggered when a victim opens a manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer.
For more information about this news, visit https://onapsis.com.