{"id":7773,"date":"2022-05-11T17:34:25","date_gmt":"2022-05-11T15:34:25","guid":{"rendered":"http:\/\/inprosec.com\/?p=7773"},"modified":"2023-12-28T11:53:58","modified_gmt":"2023-12-28T09:53:58","slug":"sap-security-notes-may-2022","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/","title":{"rendered":"SAP Security Notes, May 2022"},"content":{"rendered":"<p><strong>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems.<\/strong><\/p>\n\n<h2>May 2022 notes<\/h2>\n<h3>Summary and highlights of the month<\/h3>\n<p>The total number of notes\/patches has decreased compared to last month. In addition to this decrease in the total number of notes, the number of Hot News also decreased, with 8 notes last month compared to 4 in May. On the other hand, it should be noted that the number of high criticality notes decreased from 7 to 2 this month. As usual, we will leave the medium and low scores unchecked this month, but <strong>we will give details of a total of 6 scores<\/strong> (all those with a CVSS of 7 or higher).<\/p>\n<p>We have<strong> a total of 17 notes<\/strong> for the whole month, 18 less than last April (12 from Patch Tuesday, 8 new and 4 updates, being 21 less than last month).<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>We have 4 Hot News, 3 new and 1 update<\/strong><\/span>, in this month, which stand out for their high CVVS. We will also review in detail 2 of the total of 2 new high notes (those with CVSS greater than or equal to 7).<\/p>\n<ul>\n<li><strong>The most critical notes of the month (with CVSS <span style=\"color: #ff0000;\">9.8<\/span>) are 4 related to &#8220;Remote Code Execution vulnerability&#8221;.<\/strong><\/li>\n<li>The next <strong>in criticality (CVSS <span style=\"color: #ff0000;\">8.3<\/span> and <span style=\"color: #ff0000;\">7.8<\/span>)<\/strong> are two critical scores, one for &#8220;Cross-Site Scripting (XSS) vulnerability in administration UI of SAP Webdispatcher and SAP Netweaver AS for ABAP and Java (ICM)&#8221; and the other for &#8220;Central Management Server Information Disclosure in Business Intelligence Update&#8221;.<\/li>\n<li>The rest (11) are medium level, and we will not look at them in detail, although it is worth noting that there is more than one that affects SAP NetWeaver.<\/li>\n<li>This month the most predominant types are &#8220;Remote Code Execution vulnerability&#8221; (4\/17 and 4\/12 in patch day) and &#8220;Cross-Site Scripting (XSS)&#8221; (3\/17 and 3\/17 in patch day).<\/li>\n<\/ul>\n<p>In the graph (post May 2022 from SAP) we can see the <span style=\"text-decoration: underline;\"><strong>classification of the May notes<\/strong><\/span> in addition to the evolution and classification of the last 5 previous months (only the notes of Sec. Tuesday \/ Patch Day &#8211; by SAP):<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-7776 \" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/05\/notas-sap-mayo.jpg\" alt=\"\" width=\"700\" height=\"368\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/05\/notas-sap-mayo.jpg 1200w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/05\/notas-sap-mayo-300x158.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/05\/notas-sap-mayo-1024x538.jpg 1024w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/05\/notas-sap-mayo-600x315.jpg 600w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/p>\n<h3>Full details<\/h3>\n<p>The<span style=\"text-decoration: underline;\"><strong> full details of the most relevant notes<\/strong><\/span> are as follows:<\/p>\n<ul>\n<li><strong><u>Remote Code Execution vulnerability associated with Spring Framework used in in SAP Business One Cloud (3189409):<\/u><\/strong>\u00a0Symptom: SAP Business One Cloud 1.1 uses a version of Spring Framework which has Remote Code Execution vulnerability. Solution:\u00a0 Upgrade to SAP Business One Cloud 1.1 PL18 Hotfix1.\u00a0<strong>CVSS v3 Base Score:\u00a0<span style=\"color: #ff0000;\">9,8\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-22965).<\/li>\n<li><strong><u>Update \u2013 Central Security Note for Remote Code Execution vulnerability associated with Spring Framework (3170990):<\/u><\/strong>\u00a0This security note is the central document to consolidate all SAP Security Notes released for the Remote Code Execution vulnerability associated with Spring Framework.\u00a0<strong>CVSS v3 Base Score:\u00a0<span style=\"color: #ff0000;\">9,8\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-22965).<\/li>\n<\/ul>\n<p><em><strong>The Spring4Shell Summary HotNews Note, #3170990 was updated and currently includes the following affected SAP applications.<\/strong><\/em><\/p>\n<table class=\"aligncenter\" style=\"height: 300px;\" width=\"411\">\n<tbody>\n<tr>\n<td width=\"61\"><strong>\u00a0 \u00a0<\/strong><span style=\"text-decoration: underline;\"><strong>Note<\/strong><\/span><\/td>\n<td width=\"350\">\n<p style=\"text-align: center;\"><span style=\"text-decoration: underline;\"><strong>SAP Application<\/strong><\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"61\"><strong>3189428<\/strong><\/td>\n<td width=\"350\">SAP HANA Extended Application Services<\/td>\n<\/tr>\n<tr>\n<td width=\"61\"><strong>3187290<\/strong><\/td>\n<td width=\"350\">SAP Customer Checkout<\/td>\n<\/tr>\n<tr>\n<td width=\"61\"><strong>3189429<\/strong><\/td>\n<td width=\"350\">Sybase PowerDesigner Web<\/td>\n<\/tr>\n<tr>\n<td width=\"61\"><strong>3189635<\/strong><\/td>\n<td width=\"350\">SAP Customer Profitability Analytics<\/td>\n<\/tr>\n<tr>\n<td width=\"61\"><strong>3171258<\/strong><\/td>\n<td width=\"350\">SAP Commerce<\/td>\n<\/tr>\n<tr>\n<td width=\"61\"><strong>3189409<\/strong><\/td>\n<td width=\"350\">SAP Business One Cloud<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<ul>\n<li><strong><u>Remote Code Execution vulnerability associated with Spring Framework used in SAP Commerce (3171258):<\/u><\/strong>\u00a0Symptom: SAP Commerce uses a version of Spring Framework which has Remote Code Execution vulnerability. Reason and Prerequisites: This vulnerability affects all SAP Commerce web applications that use Spring MVC. This includes HAC, Backoffice, SmartEdit, and Accelerators. Solution: SAP Commerce fixes this vulnerability by updating to the latest version of Spring libraries. These Spring Framework versions are not affected by this vulnerability anymore. If you cannot upgrade to the latest SAP Commerce Cloud patch release yet, you can implement the workaround described.<strong>\u00a0CVSS v3 Base Score:\u00a0<span style=\"color: #ff0000;\">9,8\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-22965).<\/li>\n<li><strong><u>Remote Code Execution vulnerability associated with Spring Framework used in SAP Customer Profitability Analytics (3189635):<\/u><\/strong>\u00a0Symptom: SAP Customer Profitability Analytics uses a version of Spring Framework which has Remote Code Execution vulnerability. Reason and Prerequisites: SAP Customer Profitability Analytics makes use of a version of the Spring framework that is vulnerable to Spring4Shell attacks. Solution: The Spring framework has been updated to a patched version, which isn\u2019t vulnerable to Spring4Shell attacks.<strong>\u00a0CVSS v3 Base Score:\u00a0<span style=\"color: #ff0000;\">9,8\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-22965).<\/li>\n<li><strong><u>Cross-Site Scripting (XSS) vulnerability in administration UI of SAP Webdispatcher and SAP Netweaver AS for ABAP and Java (ICM) (3145046):<\/u><\/strong>\u00a0It patches a Cross-Site Scripting vulnerability in the administration UI of ICM in SAP Application Server ABAP\/Java, and in the administration UI for SAP Web Dispatcher (stand-alone and (A)SCS instance embedded). SAP and the Onapsis Research Labs (ORL) found a high impact on a system\u2019s confidentiality, integrity, and availability when exploiting the vulnerability. The only thing that prevents this vulnerability from being tagged with a higher CVSS is the fact that an attacker must entice a victim to log on to the administration UI using a browser and that the attack is highly complex.<strong>\u00a0CVSS v3 Base Score:\u00a0<span style=\"color: #ff0000;\">8,3\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-27656).<\/li>\n<li><strong><u>Central Management Server Information Disclosure in Business Intelligence Update (2998510):<\/u><\/strong>\u00a0This note patches a problem that exists during an upgrade of\u00a0 SAP BusinessObjects Enterprise. The upgrade exposes information in the Sysmon event logs that could be used in follow-up attacks with high impact on systems\u2019 confidentiality, integrity, and availability.\u00a0<strong>CVSS v3 Base Score:\u00a0<span style=\"color: #c4c454;\">7.8\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-28214).<\/li>\n<\/ul>\n<h3 style=\"font-weight: 400;\"><strong>Reference links<\/strong><\/h3>\n<p>Reference links of the CERT of the INCIBE in relation to the publication of the notes for May:<\/p>\n<p><a href=\"https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizacion-seguridad-sap-mayo-2022\">https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizacion-seguridad-sap-mayo-2022<\/a><\/p>\n<p>Other references, from SAP and Onapsis (May):<\/p>\n<p><a href=\"https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10\">https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10<\/a><\/p>\n<p><a href=\"https:\/\/onapsis.com\/blog\/sap-security-patch-day-may-2022-spring4shell-vulnerability-has-been-patched-six-sap-applications\">https:\/\/onapsis.com\/blog\/sap-security-patch-day-may-2022-spring4shell-vulnerability-has-been-patched-six-sap-applications<\/a><\/p>\n<h3 style=\"font-weight: 400;\"><strong><u>Resources affected<\/u><\/strong><\/h3>\n<div class=\"w-post-elm post_content\">\n<ul>\n<li>SAP Business One Cloud, versi\u00f3n 1.1;<\/li>\n<li>SAP BusinessObjects Business Intelligence Platform, versiones 420 y 430;<\/li>\n<li>SAP Commerce, versiones 1905, 2005, 2105 y 2011;<\/li>\n<li>SAP Customer Profitability Analytics, versi\u00f3n 2;<\/li>\n<li>SAP Employee Self Service (Fiori My Leave Request), versi\u00f3n 605;<\/li>\n<li>SAP Host Agent, versi\u00f3n 7.22.<\/li>\n<li>SAP NetWeaver Application Server para ABAP y ABAP Platform, versiones 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787 y 788;<\/li>\n<li>SAP Netweaver AS para ABAP y Java (ICM), versiones KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, 8.04, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87 y 8.04;<\/li>\n<li>SAP Webdispatcher, versiones 7.22EXT, 7.49, 7.53, 7.77, 7.81, 7.83 y 7.85.<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. May 2022 notes Summary and highlights of the month The total number of notes\/patches has decreased compared to last month. In addition to this decrease in the total number of notes, the number&#8230;<\/p>\n","protected":false},"author":6,"featured_media":7687,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[95,61],"tags":[],"class_list":["post-7773","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-notes","category-sap-security-en-2"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>SAP Security Notes, May 2022 - Inprosec<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Notes, May 2022\" \/>\n<meta property=\"og:description\" content=\"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. May 2022 notes Summary and highlights of the month The total number of notes\/patches has decreased compared to last month. In addition to this decrease in the total number of notes, the number...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-11T15:34:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-28T09:53:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/04\/notas-abril-2022-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"SAP Security Notes, May 2022\",\"datePublished\":\"2022-05-11T15:34:25+00:00\",\"dateModified\":\"2023-12-28T09:53:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/\"},\"wordCount\":968,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/notas-abril-2022-1.jpg\",\"articleSection\":[\"SAP Notes\",\"SAP Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/\",\"name\":\"SAP Security Notes, May 2022 - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/notas-abril-2022-1.jpg\",\"datePublished\":\"2022-05-11T15:34:25+00:00\",\"dateModified\":\"2023-12-28T09:53:58+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/notas-abril-2022-1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/notas-abril-2022-1.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2022\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Notes, May 2022\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Notes, May 2022 - Inprosec","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security Notes, May 2022","og_description":"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. May 2022 notes Summary and highlights of the month The total number of notes\/patches has decreased compared to last month. In addition to this decrease in the total number of notes, the number...","og_url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/","og_site_name":"Inprosec","article_published_time":"2022-05-11T15:34:25+00:00","article_modified_time":"2023-12-28T09:53:58+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/04\/notas-abril-2022-1.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"SAP Security Notes, May 2022","datePublished":"2022-05-11T15:34:25+00:00","dateModified":"2023-12-28T09:53:58+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/"},"wordCount":968,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/04\/notas-abril-2022-1.jpg","articleSection":["SAP Notes","SAP Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/","url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/","name":"SAP Security Notes, May 2022 - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/04\/notas-abril-2022-1.jpg","datePublished":"2022-05-11T15:34:25+00:00","dateModified":"2023-12-28T09:53:58+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/04\/notas-abril-2022-1.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/04\/notas-abril-2022-1.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2022\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Notes, May 2022"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7773","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=7773"}],"version-history":[{"count":4,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7773\/revisions"}],"predecessor-version":[{"id":9795,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7773\/revisions\/9795"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/7687"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=7773"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=7773"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=7773"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}