{"id":11444,"date":"2024-05-16T09:06:54","date_gmt":"2024-05-16T07:06:54","guid":{"rendered":"https:\/\/www.inprosec.com\/?p=11444"},"modified":"2024-05-16T13:06:40","modified_gmt":"2024-05-16T11:06:40","slug":"sap-security-notes-may-2024","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/","title":{"rendered":"SAP Security Notes, May 2024"},"content":{"rendered":"<p><strong>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems.<\/strong><\/p>\n\n<h2>May 2024 notes<\/h2>\n<h3>Summary and highlights of the month<\/h3>\n<p>The total number of notes\/patches has been 17, 5 more than last month. The number of Hot News has been 3, 3 more than last month since there were none in April. On the other hand, it is worth noting that the number of high-criticality notes has decreased compared to last month: 1 this month. As always, we will leave the medium and low notes unreviewed but will provide details on a total of 4 notes (all with a CVSS of 7 or higher).<\/p>\n<p>We have a total of 17 notes for the entire month (the 17 from Patch Tuesday, 14 new, and 3 updates).<\/p>\n<p>We will review in detail a total of 4 notes, the 3 HotNews from this month: 2 new and 1 update, and the high note, which is new (those with a CVSS greater than or equal to 7).<\/p>\n<ol>\n<li><strong>The most critical note of the month<\/strong> (with <strong>CVSS <span style=\"color: #ff0000;\">10<\/span><\/strong>) is an update of a Hot News related to &#8220;<strong>Security updates for the browser control Google Chromium delivered with SAP Business Client.<\/strong>&#8220;<\/li>\n<li>The next in criticality (<strong>CVSS <span style=\"color: #ff0000;\">9.8<\/span><\/strong>) is a Hot News related to \u201c<strong>Multiple vulnerabilities in SAP CX Commerce.<\/strong>\u201d<\/li>\n<li>The next in criticality (<strong>CVSS <span style=\"color: #ff0000;\">9.6<\/span><\/strong>) is a Hot News related to \u201c<strong>File upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform.<\/strong>\u201d<\/li>\n<li>The next in criticality (<strong>CVSS <span style=\"color: #ff0000;\">8.1<\/span><\/strong>) is a high note related to \u201c<strong>Cross-site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform.<\/strong>\u201d<\/li>\n<li>This month, the most predominant type is related to \u201c<strong>Missing Authorization check in SAP: in different modules<\/strong>\u201d (4\/17 on patch day).<\/li>\n<\/ol>\n<p>In the graph, we can see the <span style=\"text-decoration: underline;\"><strong>classification of May notes<\/strong><\/span>, in addition to the evolution and classification of the previous 5 months (only notes from Sec. Tuesday \/ Patch Day \u2013 by SAP).<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-11446\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg\" alt=\"\" width=\"706\" height=\"371\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg 1200w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024-300x158.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024-1024x538.jpg 1024w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024-600x315.jpg 600w\" sizes=\"(max-width: 706px) 100vw, 706px\" \/><\/p>\n<h3>Full details<\/h3>\n<p>The <strong>complete detail of the most relevant notes<\/strong> is as follows:<\/p>\n<ol>\n<li><strong><u>Update &#8211; Security updates for the browser control Google Chromium delivered with SAP Business Client (2622660)<\/u><\/strong><strong>:<\/strong>\u00a0This security note addresses multiple vulnerabilities in the Chromium web browser control used within SAP Business Client. The Chromium web browser version will be updated periodically to address emerging security threats. Security fixes are provided along with SAP Business Client patches, and the priority of these updates is determined by the severity of the vulnerabilities patched. If SAP Business Client is not updated with the latest patches, viewing web pages through this Chromium browser could expose the system to a variety of threats, such as memory corruption or disclosure of sensitive information. These vulnerabilities could affect the confidentiality, integrity and availability of the system, and could even lead to system crashes or the collection of information for more serious attacks in the future. The proposed solution implies that each new SAP Business Client patch includes the latest stable version of the Chromium browser control, previously validated by SAP. Furthermore, it is recommended to apply additional security measures according to the official SAP Business Client documentation, specifically in the security settings section for the Chromium browser control. <strong>CVSS v3 Base Score: <\/strong><span style=\"color: #ff0000;\"><strong>10<\/strong><\/span><strong><span style=\"color: #ff0000;\">\u00a0<\/span>\/ 10 (Multiple CVE\u00b4s).<\/strong><\/li>\n<li><strong><u>Multiple vulnerabilities in SAP CX Commerce <\/u><\/strong><strong><u>(1455438<\/u><\/strong>): This security note identifies two vulnerabilities in CX Commerce: <strong>In Swagger UI<\/strong>, which allows CSS injection, making it possible for attackers to use the Relative Path Overwrite (RPO) technique on CSS-based input fields, which can compromise the security and availability of the application and in <strong>remote code execution in SAP CX Commerce<\/strong>: Due to incorrect initialization in Apache Calcite Avatica 1. 18.0, HTTP client instances can be created based on class names provided through a connection property (httpclient_impl) without checking if the class implements the expected interface. This can allow malicious code to be executed on the system. As a solution, SAP removed a vulnerable test extension and released an update to address these vulnerabilities in CX Commerce. <strong>CVSS v3 Base Score: <\/strong><strong><span style=\"color: #ff0000;\">9,8<\/span> <\/strong><strong>\/ 10 [CVE-2019-17495].<\/strong><\/li>\n<li><strong><u>File upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform <\/u><\/strong><strong><u>(3448171<\/u><\/strong><strong>)<\/strong>: An unauthenticated attacker can upload a malicious file to the server. When a victim accesses this file, the attacker can completely compromise the system. This flaw is due to the insecure configuration of the &#8220;FILESYSTEM&#8221; and &#8220;SOMU_DB&#8221; content repositories, which are configured with the &#8220;No signature&#8221; option enabled. To solve this problem, a new secure default configuration is implemented to prevent this type of attacks. <strong>CVSS v3 Base Score: <\/strong><span style=\"color: #ff0000;\"><strong>9,6<\/strong><\/span><strong>\/ 10 [CVE-2024-33006].<\/strong><\/li>\n<li><strong><u>Cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform <\/u><\/strong><strong><u>(3431794<\/u><\/strong><strong>)<\/strong>: SAP Business Objects Business Intelligence Platform has a stored XSS vulnerability. This allows an attacker to manipulate a parameter in the Opendocument URL, which could compromise the confidentiality and integrity of the application. The recommended solution is to sanitize the user input parameter in the Opendocument URL. In addition, the support packages and patches mentioned in this SAP security note are urged to be implemented to mitigate this security risk. <strong>CVSS v3 Base Score: <\/strong><span style=\"color: #ff0000;\"><strong>8,1<\/strong><\/span><strong>\/ 10 [CVE-2024-28165].<\/strong><\/li>\n<\/ol>\n<h3 style=\"font-weight: 400;\"><strong>Reference links<\/strong><\/h3>\n<p>Other references, from SAP and Onapsis (May):<\/p>\n<p><a href=\"https:\/\/support.sap.com\/en\/my-support\/knowledge-base\/security-notes-news\/may-2024.html\">Digital Library (sap.com)<\/a><\/p>\n<p><a href=\"https:\/\/onapsis.com\/blog\/sap-patch-day-may-2024\/\">SAP Patch Day: May 2024 &#8211; Onapsis<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><strong style=\"color: #014888; font-family: inherit; font-size: 1.6rem; letter-spacing: 0em;\"><u>Resources affected<\/u><\/strong><\/p>\n<div class=\"w-post-elm post_content\">\n<ul>\n<li>SAP Business Client, Versions &#8211; 6.5, 7.0, 7.70<\/li>\n<li>SAP Commerce, Version &#8211; HY_COM 2205<\/li>\n<li>SAP NetWeaver Application Server ABAP and ABAP Platform, Versions &#8211; SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS\u00a0 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758<\/li>\n<li>SAP BusinessObjects (Business Intelligence Platform), Versions \u2013 430, 440<\/li>\n<li>SAP Enable Now, Version \u2013 1704<\/li>\n<li>SAP NetWeaver Application server for ABAP and ABAP Platform, Versions &#8211; SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 795, SAP_BASIS 796<\/li>\n<li>SAP NetWeaver Application Server ABAP and ABAP Platform, Versions &#8211; SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758<\/li>\n<li>SAP S\/4HANA (Document Service Handler for DPS), Versions \u2013 SAP_BASIS 740, SAP_BASIS 750<\/li>\n<li>My Travel Requests, Version \u2013 600<\/li>\n<li>SAP Process Integration, Versions &#8211; MESSAGING 7.31, MESSAGING 7.40, MESSAGING 7.50, NWCEIDE 7.31, SAP_XIESR 7.31, SAP_XIESR 7.40, SAP_XIESR 7.50, SAP_XITOOL 7.31, SAP_XITOOL 7.40, SAP_XITOOL 7.50, SAP_XIAF 7.31, SAP_XIAF 7.40, SAP_XIAF 7.50, SAP_XIGUILIB 7.31, SAP_XIGUILIB 7.40, SAP_XIGUILIB 7.50<\/li>\n<li>SAP Replication Server, Versions \u2013 16.0, 16.0.3, 16.0.4<\/li>\n<li>SAP S\/4 HANA (Manage Bank Statement Reprocessing Rules), Versions \u2013 SAPSCORE 131, S4CORE 105, S4CORE 106, S4CORE107, S4CORE 108<\/li>\n<li>SAP BusinessObjects Business Intelligence Platform (Webservices), Versions \u2013 430, 440<\/li>\n<li>SAP Process Integration, Versions &#8211; MESSAGING 7.10, MESSAGING 7.11, MESSAGING 7.30, MESSAGING 7.31, MESSAGING 7.40, MESSAGING 7.50, NWCEIDE 7.31, SAP_XITOOL 7.00, SAP_XITOOL 7.01, SAP_XITOOL 7.02, SAP_XITOOL 7.10, SAP_XITOOL 7.11, SAP_XITOOL 7.30, SAP_XITOOL 7.31, SAP_XITOOL 7.40, SAP_XITOOL 7.50, SAP_XIAF 7.31, SAP_XIAF 7.40, SAP_XIAF 7.50, SAP_XIPCK 7.00, SAP_XIPCK 7.01, SAP_XIPCK 7.02, SAP_XIPCK 7.10, SAP_XIPCK 7.11, SAP_XIPCK 7.30<\/li>\n<li>SAP Global Label Management (GLM), Versions \u2013 605, 606, 616, 617<\/li>\n<li>SAP Bank Account Management, Versions \u2013 100, 101, 102, 103, 104, 105, 106, 107, 108<\/li>\n<li>SAPUI5, Versions \u2013 754, 755, 756, 757, 758<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. May 2024 notes Summary and highlights of the month The total number of notes\/patches has been 17, 5 more than last month. The number of Hot News has been 3, 3 more than&#8230;<\/p>\n","protected":false},"author":6,"featured_media":11446,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[95,61],"tags":[150],"class_list":["post-11444","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-notes","category-sap-security-en-2","tag-sap-notes"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>SAP Security Notes, May 2024 - Inprosec<\/title>\n<meta name=\"description\" content=\"All updates to SAP systems notes from May 2024, to stay current and improve the security levels of your SAP systems.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Notes, May 2024\" \/>\n<meta property=\"og:description\" content=\"All updates to SAP systems notes from May 2024, to stay current and improve the security levels of your SAP systems.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-16T07:06:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-16T11:06:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"SAP Security Notes, May 2024\",\"datePublished\":\"2024-05-16T07:06:54+00:00\",\"dateModified\":\"2024-05-16T11:06:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/\"},\"wordCount\":1111,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/notas-sap-mayo-2024.jpg\",\"keywords\":[\"SAP Notes\"],\"articleSection\":[\"SAP Notes\",\"SAP Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/\",\"name\":\"SAP Security Notes, May 2024 - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/notas-sap-mayo-2024.jpg\",\"datePublished\":\"2024-05-16T07:06:54+00:00\",\"dateModified\":\"2024-05-16T11:06:40+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"description\":\"All updates to SAP systems notes from May 2024, to stay current and improve the security levels of your SAP systems.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/notas-sap-mayo-2024.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/notas-sap-mayo-2024.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2024\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Notes, May 2024\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Notes, May 2024 - Inprosec","description":"All updates to SAP systems notes from May 2024, to stay current and improve the security levels of your SAP systems.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security Notes, May 2024","og_description":"All updates to SAP systems notes from May 2024, to stay current and improve the security levels of your SAP systems.","og_url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/","og_site_name":"Inprosec","article_published_time":"2024-05-16T07:06:54+00:00","article_modified_time":"2024-05-16T11:06:40+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"SAP Security Notes, May 2024","datePublished":"2024-05-16T07:06:54+00:00","dateModified":"2024-05-16T11:06:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/"},"wordCount":1111,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg","keywords":["SAP Notes"],"articleSection":["SAP Notes","SAP Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/","url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/","name":"SAP Security Notes, May 2024 - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg","datePublished":"2024-05-16T07:06:54+00:00","dateModified":"2024-05-16T11:06:40+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"description":"All updates to SAP systems notes from May 2024, to stay current and improve the security levels of your SAP systems.","breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/05\/notas-sap-mayo-2024.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2024\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Notes, May 2024"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/11444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=11444"}],"version-history":[{"count":1,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/11444\/revisions"}],"predecessor-version":[{"id":11450,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/11444\/revisions\/11450"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/11446"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=11444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=11444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=11444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}