{"id":6327,"date":"2021-10-18T09:40:16","date_gmt":"2021-10-18T07:40:16","guid":{"rendered":"http:\/\/inprosec.com\/sap-security-notes-october-2021\/"},"modified":"2022-03-17T18:44:17","modified_gmt":"2022-03-17T16:44:17","slug":"sap-security-notes-october-2021","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/","title":{"rendered":"SAP Security Notes, October 2021"},"content":{"rendered":"<p><strong>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems.<\/strong><\/p>\n\n<h2>October 2021 notes<\/h2>\n<h3>Summary and highlights of the month<\/h3>\n<p>The total number of notes\/patches has decreased compared to last month. In addition to this drop in the number of total notes, the number of Hot News has decreased, with 7 notes last month compared to 3 in September. On the other hand, it should be noted that the number of high criticality notes decreased from 2 to only 1 this month. As usual, we will leave the medium and low scores unchecked this month, but <strong>we will give details of a total of 4 scores<\/strong> (all those with a CVSS of <strong>7<\/strong> or higher).<\/p>\n<p>We have <strong>a total of 17 notes<\/strong> for the whole month, 4 less than last September (14 from Patch Tuesday, 13 new and 1 update, being 5 less than last month).<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>We have 2 new Hot News, being the total of 3<\/strong><\/span> in this month that stand out for their high CVVS, one of them the recurring update for the SAP Business Client with Chromium. We will also review in detail the total of high notes (those with CVSS greater than or equal to <span style=\"color: #f2f252;\">7<\/span>), a single new note this month.<\/p>\n<ul>\n<li>The most critical note of the month (with CVSS <span style=\"color: #ff0000;\">10<\/span>) would be the update of &#8220;Browser Control Chromium Delivered with SAP Business Client (2622660)&#8221;.<\/li>\n<li>Next in criticality (with CVSS <span style=\"color: #ff0000;\">9.8<\/span> and <span style=\"color: #ff0000;\">9.1<\/span>) are 2 releases fixing issues with open source software component versions (the first release) and missing authorization checks in SAP NetWeaver AS ABAP and ABAP Platform (second release).<\/li>\n<li>From there, we located a high priority score with a CVSS of<span style=\"color: #f2f252;\"> 7.8<\/span> related to &#8220;SAP SuccessFactors Mobile Application for Android&#8221;. The rest (13) are medium and low level, and we will not look at them in detail.<\/li>\n<li>This month the most predominant types are &#8220;Denial of Service&#8221; (3\/17 and 3\/14 in patch day), &#8220;Information Disclosure&#8221; and &#8220;Cross-Site Scripting&#8221; (both with 2\/17 and 2\/14 in patch day).<\/li>\n<\/ul>\n<p>In the graph (post October 2021 from SAP) we can see the <span style=\"text-decoration: underline;\"><strong>ranking of the October notes<\/strong><\/span>\u00a0in addition to the evolution and ranking of the last 5 previous months (only the notes of Sec. Tuesday \/ Patch Day &#8211; by SAP):<\/p>\n<h3><a ref=\"magnificPopup\" href=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg\"><img decoding=\"async\" class=\"wp-image-3671 aligncenter\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg\" alt=\"\" width=\"794\" height=\"417\" \/><\/a><\/h3>\n<h3>Full details<\/h3>\n<p>The<span style=\"text-decoration: underline;\"><strong> full details of the most relevant notes<\/strong><\/span> are as follows:<\/p>\n<ol>\n<li><strong><u>Update &#8211; Security updates for the browser control Google Chromium delivered with SAP Business Client (2622660):<\/u><\/strong> It provides a SAP Business Client Patch with the latest tested Chromium fixes. SAP Business Client customers already know that updates of this note always contain important fixes that must be addressed. This note will be modified periodically based on web browser updates by the open source project Chromium. The note priority is based on the highest CVSS score of all the vulnerabilities fixed in the latest browser release.<strong> CVSS v3 Base Score: <span style=\"color: #ff0000;\">10<\/span> \/ 10<\/strong> .<\/li>\n<li><strong><u>Potential XML External Entity Injection Vulnerability in SAP Environmental Compliance (3101406):<\/u><\/strong> It patches a potential Injection Vulnerability in SAP Environmental Compliance. Functionality Data Import from Excel Template in SAP Environmental Compliance 3.0 uses open source software component versions having vulnerabilities CVE-2020-10683, BDSA-2017-0180, CVE-2021-23926. Consequently this functionality is potentially at risk of XML External Entity Injection attack. To fix that, two open source software component versions are replaced by secure version. Additionally, a new optional API no longer uses the vulnerable open source software component..<strong> CVSS v3 Base Score: <span style=\"color: #ff0000;\">9,8<\/span> \/ 10<\/strong> (Multiple CVEs).<\/li>\n<li><strong><u>Improper Authorization in SAP NetWeaver AS ABAP and ABAP Platform (3097887):<\/u><\/strong> It contains a fix to an issue with lack of authorization check in the software logistics system of SAP NetWeaver AS ABAP and ABAP Platform. The issue enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious code can reach quality and production systems and may completely compromise systems confidentiality, integrity, and availability. Then, a malicious user with developer and administrator permission may use tools of the software logistics system, for which not necessary authorizations are checked properly. To fix this, the vulnerable report is deleted for future versions and the report is made unavailable with a LEAVE PROGRAM statement by the given correction instruction and Support Packages. <strong>CVSS v3 Base Score: <span style=\"color: #ff0000;\">9.1<\/span> \/ 10<\/strong> (CVE-2021-38178).<\/li>\n<li><strong><u>Denial of service (DOS) in the SAP SuccessFactors Mobile Application for Android devices (3077635):<\/u><\/strong> It patches a vulnerability that has been identified in SAP SuccessFactors Mobile Application for Android, which allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which can lead to denial of service or also lead to phishing attack, that can be used for staging other types of attacks. Several measures have been taken to resolve the identified vulnerability in the most recent software update. This vulnerability impacts users who are using the Android mobile application version released previous to 2018. To fix that, download the latest version of the SAP SuccessFactors Android mobile application so your organization is not at risk of any threats highlighted from this vulnerability. <strong>CVSS v3 Base Score: <span style=\"color: #f2f252;\">7.8<\/span> \/ 10<\/strong> (CVE-2021-40498).<\/li>\n<\/ol>\n<h3 style=\"font-weight: 400;\"><strong>Reference links<\/strong><\/h3>\n<p>Reference links of the CERT of the INCIBE in relation to the publication of the notes for October:<\/p>\n<p><a href=\"https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizacion-seguridad-sap-octubre-2021\" target=\"_blank\" rel=\"noopener\">https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizacion-seguridad-sap-octubre-2021<\/a><\/p>\n<p>Other references, from SAP and Onapsis (October):<\/p>\n<p><a href=\"https:\/\/wiki.scn.sap.com\/wiki\/pages\/viewpage.action?pageId=587169983\" target=\"_blank\" rel=\"noopener\">https:\/\/wiki.scn.sap.com\/wiki\/pages\/viewpage.action?pageId=587169983<\/a><\/p>\n<p><a href=\"https:\/\/onapsis.com\/blog\/sap-security-patch-day-october-2021-critical-patches-sap-environmental-compliance-and-sap\" target=\"_blank\" rel=\"noopener\">https:\/\/onapsis.com\/blog\/sap-security-patch-day-october-2021-critical-patches-sap-environmental-compliance-and-sap<\/a><\/p>\n<h3 style=\"font-weight: 400;\"><strong><u>Resources affected<\/u><\/strong><\/h3>\n<ul>\n<li>SAP Business Client, versi\u00f3n 6.5;<\/li>\n<li>SAP Business One, versi\u00f3n 10.0;<\/li>\n<li>SAP BusinessObjects Analysis para OLAP, versi\u00f3n 420 y 430;<\/li>\n<li>SAP BusinessObjects Business Intelligence Platform, versi\u00f3n 420 y 430;<\/li>\n<li>SAP Environmental Compliance, versi\u00f3n 3.0;<\/li>\n<li>SAP NetWeaver:\n<ul>\n<li>Application Server for ABAP (SAP Cloud Print Manager and SAPSprint), versi\u00f3n 7.70, 7.70PI y 7.70BYD;<\/li>\n<li>AS ABAP and ABAP Platform, versi\u00f3n 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756 y 785;<\/li>\n<li>Versi\u00f3n 700, 701, 702 y 730;<\/li>\n<\/ul>\n<\/li>\n<li>SAP SuccessFactors Mobile Application, versiones anteriores a 2018;<\/li>\n<li>SAPUI5, versi\u00f3n 750, 753 y 754;<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. October 2021 notes Summary and highlights of the month The total number of notes\/patches has decreased compared to last month. In addition to this drop in the number of total notes, the number&#8230;<\/p>\n","protected":false},"author":6,"featured_media":5293,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[61],"tags":[],"class_list":["post-6327","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-security-en-2"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.6) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>SAP Security Notes, October 2021 - Inprosec<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Notes, October 2021\" \/>\n<meta property=\"og:description\" content=\"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. October 2021 notes Summary and highlights of the month The total number of notes\/patches has decreased compared to last month. In addition to this drop in the number of total notes, the number...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-18T07:40:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-17T16:44:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"SAP Security Notes, October 2021\",\"datePublished\":\"2021-10-18T07:40:16+00:00\",\"dateModified\":\"2022-03-17T16:44:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/\"},\"wordCount\":947,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/notas-octubre.jpg\",\"articleSection\":[\"SAP Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/\",\"name\":\"SAP Security Notes, October 2021 - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/notas-octubre.jpg\",\"datePublished\":\"2021-10-18T07:40:16+00:00\",\"dateModified\":\"2022-03-17T16:44:17+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/notas-octubre.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/notas-octubre.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-october-2021\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Notes, October 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Notes, October 2021 - Inprosec","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security Notes, October 2021","og_description":"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. October 2021 notes Summary and highlights of the month The total number of notes\/patches has decreased compared to last month. In addition to this drop in the number of total notes, the number...","og_url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/","og_site_name":"Inprosec","article_published_time":"2021-10-18T07:40:16+00:00","article_modified_time":"2022-03-17T16:44:17+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"SAP Security Notes, October 2021","datePublished":"2021-10-18T07:40:16+00:00","dateModified":"2022-03-17T16:44:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/"},"wordCount":947,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg","articleSection":["SAP Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/","url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/","name":"SAP Security Notes, October 2021 - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg","datePublished":"2021-10-18T07:40:16+00:00","dateModified":"2022-03-17T16:44:17+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/10\/notas-octubre.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-october-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Notes, October 2021"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/6327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=6327"}],"version-history":[{"count":1,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/6327\/revisions"}],"predecessor-version":[{"id":7422,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/6327\/revisions\/7422"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/5293"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=6327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=6327"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=6327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}