{"id":12522,"date":"2024-12-11T12:07:56","date_gmt":"2024-12-11T10:07:56","guid":{"rendered":"https:\/\/www.inprosec.com\/?p=12522"},"modified":"2024-12-11T12:07:56","modified_gmt":"2024-12-11T10:07:56","slug":"sap-security-notes-december-2024","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/","title":{"rendered":"SAP Security Notes, December 2024"},"content":{"rendered":"<p><strong>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems.<\/strong><\/p>\n\n<h2>December 2024 Notes<\/h2>\n<h3>Summary and Highlights of the Month<\/h3>\n<div>\n<p>This month, the total number of notes\/patches was 13, 3 more than last month. There was one HotNews this month, the first since September. Regarding the number of high-criticality notes, these increased by 2 this month, from 2 in November to 4. Medium and low-criticality notes will not be reviewed, so <strong>we will provide details on a total of 5 notes<\/strong> (all those with a CVSS of <strong>7<\/strong> or higher).<\/p>\n<p>We have <strong>a total of 13 notes<\/strong> for the entire month (all 13 from Patch Tuesday: 10 new and 3 updates).<\/p>\n<p>We will review in detail a total of 5 notes, the 4 high-criticality notes and the HotNews, which consist of 2 updates and 3 new notes (those with a CVSS greater than or equal to <strong>7<\/strong>).<\/p>\n<ol>\n<li><strong>The most critical note of the month (<\/strong>with<strong> CVSS<\/strong><strong> <span style=\"color: #ff0000;\">9.1<\/span><\/strong><strong>)<\/strong> is a HotNews related to<strong> \u201cMultiple vulnerabilities in SAP NetWeaver AS for JAVA (Adobe Document Services)\u201d.<\/strong><\/li>\n<li>The next in criticality<strong> (CVSS<\/strong> <span style=\"color: #ff0000;\"><strong>8.8<\/strong><\/span><strong>)<\/strong> is an update to the note published in November of this year, related to <strong>\u201cCross-Site Scripting (XSS) vulnerability in SAP Web Dispatcher\u201d.<\/strong><\/li>\n<li>The next in criticality<strong> (CVSS<\/strong> <span style=\"color: #ff0000;\"><strong>8.5<\/strong><\/span><strong>)<\/strong> is a note related to <strong>\u201cInformation Disclosure vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP\u201d.<\/strong><\/li>\n<li>The next in criticality<strong> (CVSS<\/strong> <span style=\"color: #ffcc00;\"><strong>7.5<\/strong><\/span><strong>)<\/strong> is an update to the note published in November of this year, related to <strong>\u201cNULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform\u201d.<\/strong><\/li>\n<li>The next in criticality<strong> (CVSS<\/strong> <span style=\"color: #ffcc00;\"><strong>7.2<\/strong><\/span><strong>)<\/strong> is a note related to <strong>\u201cServer-Side Request Forgery in SAP NetWeaver Administrator (System Overview)\u201d.<\/strong><\/li>\n<li>This month, the most prevalent type of vulnerability is related to <strong>\u201cInformation Disclosure vulnerability<\/strong><strong>\u201d<\/strong> (3\/13 on Patch Day).<\/li>\n<\/ol>\n<p>In the chart, we can see the <strong><u>classification of December notes<\/u><\/strong>, as well as the evolution and classification of the past 5 months (only the notes from Security Tuesday \/ Patch Day \u2013 by SAP):<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-12526\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg\" alt=\"\" width=\"702\" height=\"369\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg 1200w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024-300x158.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024-1024x538.jpg 1024w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024-600x315.jpg 600w\" sizes=\"(max-width: 702px) 100vw, 702px\" \/><\/p>\n<h3>Full details<\/h3>\n<p>The <strong>complete detail of the most relevant notes<\/strong> is as follows:<\/p>\n<ol>\n<li><strong><u>Multiple vulnerabilities in SAP NetWeaver AS for JAVA (Adobe Document Services) (<\/u><\/strong><strong><u><a href=\"https:\/\/me.sap.com\/notes\/3536965\">3536965<\/a><\/u><\/strong><strong><u>)<\/u><\/strong><strong>:<\/strong>\u00a0Adobe Document Service allows an attacker with administrator privileges to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. On successful exploitation, the attacker can read or modify any file and\/or make the entire system unavailable. <strong>CVSS v3\u00a0Base Score <\/strong><span style=\"color: #ff0000;\"><strong>9,1<\/strong><\/span><strong>\/ 10 [<u><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2024-47578\">CVE-2024-47578<\/a><\/u>]<\/strong><\/li>\n<li><strong><u>\u00a0Update &#8211;\u00a0Cross-Site Scripting (XSS) vulnerability in SAP Web Dispatcher (<\/u><\/strong><strong><u><a href=\"https:\/\/me.sap.com\/notes\/3536965\">3520281<\/a><\/u><\/strong><strong><u>)<\/u><\/strong><strong>:<\/strong>\u00a0An unauthenticated attacker can create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, input data will be used by the web site page generation to create content which when executed in the victim&#8217;s browser (XXS) or transmitted to another server (SSRF) gives the attacker the ability to execute arbitrary code on the server fully compromising confidentiality, integrity and availability. Note contains 3 Workarounds.\u00a0 <strong>CVSS v3\u00a0Base Score <\/strong><span style=\"color: #ff0000;\"><strong>8,8<\/strong><\/span><strong>\/ 10 [CVE-2024-47590]<\/strong><\/li>\n<li><strong><u>Information Disclosure vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP (<\/u><\/strong><strong><u><a href=\"https:\/\/me.sap.com\/notes\/3536965\">3469791<\/a><\/u><\/strong><strong><u>)<\/u><\/strong><strong>:<\/strong>\u00a0In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application. <strong>CVSS v3\u00a0Base Score <\/strong><span style=\"color: #ff0000;\"><strong>8,5<\/strong><\/span><strong>\/ 10 [CVE-2024-54198]<\/strong><\/li>\n<li><strong><u>Update &#8211; <\/u><\/strong><strong><u>NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform (<\/u><\/strong><strong><u><a href=\"https:\/\/me.sap.com\/notes\/3536965\">3504390<\/a><\/u><\/strong><strong><u>)<\/u><\/strong><strong>:<\/strong>\u00a0SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be temporarily unavailable. There is no impact on Confidentiality or Integrity. <strong>CVSS v3\u00a0Base Score <\/strong><span style=\"color: #ffcc00;\"><strong>7,5<\/strong><\/span><strong>\/ 10 [CVE-2024-47586]<\/strong><\/li>\n<li><strong><u>Server-Side Request Forgery in SAP NetWeaver Administrator (System <\/u><\/strong><strong><u>Overview) (<\/u><\/strong><strong><u><a href=\"https:\/\/me.sap.com\/notes\/3536965\">3542543<\/a><\/u><\/strong><strong><u>)<\/u><\/strong><strong>:<\/strong>\u00a0SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in Server-Side Request Forgery (SSRF) which could have a low impact on integrity and confidentiality of data. It has no impact on availability of the application. <strong>CVSS v3\u00a0Base Score <\/strong><span style=\"color: #ffcc00;\"><strong>7,2<\/strong><\/span><strong>\/ 10 [CVE-2024-54197]<\/strong><\/li>\n<\/ol>\n<h3 style=\"font-weight: 400;\"><strong>Reference links<\/strong><\/h3>\n<p>Other references, from SAP and Onapsis (december):<\/p>\n<p class=\"elementtoproof\"><u><a title=\"https:\/\/support.sap.com\/en\/my-support\/knowledge-base\/security-notes-news\/december-2024.html\" href=\"https:\/\/support.sap.com\/en\/my-support\/knowledge-base\/security-notes-news\/december-2024.html\"><span lang=\"EN-US\">SAP Security Patch Day \u2013 December 2024<\/span><\/a><\/u><\/p>\n<p><u><a title=\"https:\/\/onapsis.com\/blog\/sap-patch-day-december-2024\/\" href=\"https:\/\/onapsis.com\/blog\/sap-patch-day-december-2024\/\">SAP Patch Day: December 2024 &#8211; Onapsis<\/a><\/u><\/p>\n<p>&nbsp;<\/p>\n<p><strong style=\"color: #014888; font-family: inherit; font-size: 1.6rem; letter-spacing: 0em;\"><u>Resources affected<\/u><\/strong><\/p>\n<div class=\"w-post-elm post_content\">\n<ul>\n<li>SAP BusinessObjects Business Intelligence platform, Versions \u2013 ENTERPRISE 430, 2025<\/li>\n<li>SAP Commerce Cloud, Versions &#8211; HY_COM 2205, COM_CLOUD 2211<\/li>\n<li>SAP HCM, Version \u2013\u00a0S4HCMGXX 101<\/li>\n<li>SAP NetWeaver Administrator (System Overview), Version \u2013 LM-CORE 7.50<\/li>\n<li>SAP NetWeaver Application Server for ABAP and ABAP Platform, Versions \u2013 KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, 8.04, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 8.04, 9.12, 9.13<\/li>\n<li>SAP NetWeaver Application Server for ABAP and ABAP Platform, Versions \u2013 SAP_BASIS 740, SAP_BASIS 750<\/li>\n<li>SAP NetWeaver AS for JAVA (Adobe Document Services), Versions \u2013 ADSSSAP 7.50<\/li>\n<li>SAP NetWeaver AS JAVA, Version \u2013 LM-CORE 7.50<\/li>\n<li>SAP Product Lifecycle Costing, Version &#8211; PLC_CLIENT 4<\/li>\n<li>SAP Web Dispatcher, Versions \u2013 WEBDISP 7.77, 7.89, 7.93, KERNEL 7.77, 7.89, 7.93, 9.12, 9.13<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. December 2024 Notes Summary and Highlights of the Month This month, the total number of notes\/patches was 13, 3 more than last month. There was one HotNews this month, the first since September&#8230;.<\/p>\n","protected":false},"author":6,"featured_media":12526,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[95,61],"tags":[150],"class_list":["post-12522","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-notes","category-sap-security-en-2","tag-sap-notes"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>SAP Security Notes, December 2024 - Inprosec<\/title>\n<meta name=\"description\" content=\"All updates to SAP systems notes from December 2024, to stay current and improve the security levels of your SAP systems.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Notes, December 2024\" \/>\n<meta property=\"og:description\" content=\"All updates to SAP systems notes from December 2024, to stay current and improve the security levels of your SAP systems.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-11T10:07:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"SAP Security Notes, December 2024\",\"datePublished\":\"2024-12-11T10:07:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/\"},\"wordCount\":851,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/notas-sap-diciembre-2024.jpg\",\"keywords\":[\"SAP Notes\"],\"articleSection\":[\"SAP Notes\",\"SAP Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/\",\"name\":\"SAP Security Notes, December 2024 - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/notas-sap-diciembre-2024.jpg\",\"datePublished\":\"2024-12-11T10:07:56+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"description\":\"All updates to SAP systems notes from December 2024, to stay current and improve the security levels of your SAP systems.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/notas-sap-diciembre-2024.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/notas-sap-diciembre-2024.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-december-2024\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Notes, December 2024\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Notes, December 2024 - Inprosec","description":"All updates to SAP systems notes from December 2024, to stay current and improve the security levels of your SAP systems.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security Notes, December 2024","og_description":"All updates to SAP systems notes from December 2024, to stay current and improve the security levels of your SAP systems.","og_url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/","og_site_name":"Inprosec","article_published_time":"2024-12-11T10:07:56+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"SAP Security Notes, December 2024","datePublished":"2024-12-11T10:07:56+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/"},"wordCount":851,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg","keywords":["SAP Notes"],"articleSection":["SAP Notes","SAP Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/","url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/","name":"SAP Security Notes, December 2024 - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg","datePublished":"2024-12-11T10:07:56+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"description":"All updates to SAP systems notes from December 2024, to stay current and improve the security levels of your SAP systems.","breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2024\/12\/notas-sap-diciembre-2024.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-december-2024\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Notes, December 2024"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/12522","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=12522"}],"version-history":[{"count":1,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/12522\/revisions"}],"predecessor-version":[{"id":12529,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/12522\/revisions\/12529"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/12526"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=12522"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=12522"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=12522"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}