{"id":7857,"date":"2022-06-16T13:16:47","date_gmt":"2022-06-16T11:16:47","guid":{"rendered":"http:\/\/inprosec.com\/?p=7857"},"modified":"2023-12-28T11:53:54","modified_gmt":"2023-12-28T09:53:54","slug":"sap-security-notes-june-2022","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/","title":{"rendered":"SAP Security Notes, June 2022"},"content":{"rendered":"<p><strong>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems.<\/strong><\/p>\n\n<h2>June 2022 notes<\/h2>\n<h3>Summary and highlights of the month<\/h3>\n<p>The total number of notes\/patches has remained the same as last month. In addition to this equality in the total number of notes, the number of Hot News decreased, with 4 notes last month compared to the only one in June. On the other hand, it should be noted that the number of high criticality notes increased from 2 to 3 this month. As usual, we will leave the medium and low scores unchecked this month, but<strong> we will give details of a total of 4 scores<\/strong> (all those with a CVSS of <span style=\"color: #c4c40c;\">7<\/span> or higher).<\/p>\n<p>We have <strong>a total of 17 notes<\/strong> for the whole month, exactly the same as last May (12 from Patch Tuesday, 10 new ones and 2 updates, being the same as last month).<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>We have only one critical note (Hot News), being this one an update<\/strong><\/span>, in this month, that stands out for its high CVVS. We will also review in detail 3 of the total of 3 new high notes (those with CVSS greater than or equal to <span style=\"color: #c4c40c;\">7<\/span>).<\/p>\n<ul>\n<li><strong>The most critical note of the month (with CVSS <span style=\"color: #ff0000;\">10<\/span>) is the usual note related to &#8220;Google Chromium&#8221;.<\/strong><\/li>\n<li>The next <strong>in criticality (CVSS <span style=\"color: #ff0000;\">8.6<\/span>, <span style=\"color: #ff0000;\">8.2<\/span> and <span style=\"color: #c4c40c;\">7.8<\/span>)<\/strong> are three high scores, one related to &#8220;Improper Access Control of SAProuter for SAP NetWeaver and ABAP Platform&#8221;, another one related to &#8220;Improper Access Control check in SAP Netweaver AS JAVA&#8221;, and the last one related to &#8220;Potential privilege escalation in SAP PowerDesigner Proxy 16.7&#8221;.<\/li>\n<li>The rest (9) are medium and low level, and we will not see them in detail, although it should be noted that there is more than one that affects SAP NetWeaver.<br \/>\nThis month the most predominant types are &#8220;Privilege Escalation vulnerability&#8221; (4\/17 and 4\/12 in patch day) and &#8220;Missing Authorization Check&#8221; (3\/17 and 1\/12 in patch day).<\/li>\n<\/ul>\n<p>In the graph (post June 2022 from SAP) we can see the <strong>classification of the June notes<\/strong> in addition to the evolution and classification of the last 5 previous months (only the notes of Sec. Tuesday \/ Patch Day &#8211; by SAP):<\/p>\n<p><img decoding=\"async\" class=\"aligncenter  wp-image-7860\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg\" alt=\"\" width=\"799\" height=\"420\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg 1200w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio-300x158.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio-1024x538.jpg 1024w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio-600x315.jpg 600w\" sizes=\"(max-width: 799px) 100vw, 799px\" \/><\/p>\n<h3>Full details<\/h3>\n<ul>\n<li><strong><u>Update \u2013 Security updates for the browser control Google Chromium delivered with SAP Business Client (2622660):<\/u><\/strong>\u00a0This security note addresses multiple vulnerabilities in the 3rd party web browser control Chromium, which can be used within SAP Business Client. This note will be modified periodically based on web browser updates by the open source project Chromium. The note priority is based on the highest CVSS score of all the vulnerabilities fixed in the latest browser release. If the SAP Business Client release is not updated to the latest patch level, displaying web pages in SAP Business Client via this open source browser control might lead to different vulnerabilities like memory corruption, Information Disclosure and the like. The solution will be to update the SAP Business Client patch to the newest one, which contains the most current stable major release of the Chromium browser control, which passed the SAP internal quality measurements of SAP Business Client.\u00a0<strong>CVSS v3 Base Score<\/strong>:\u00a0<span style=\"color: #ff0000;\"><strong>10<\/strong>\u00a0<\/span>\/ 10 (Multiple CVE\u00b4s).<\/li>\n<li><strong><u>Improper Access Control of SAProuter for SAP NetWeaver and ABAP Platform (3158375):<\/u><\/strong>\u00a0Depending on the configuration of the route permission table in file \u00absaprouttab\u00bb,\u00a0 it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform, from a remote client, for example stopping the SAProuter, that could highly impact systems availability. SAProuter is designed to restrict administration commands to clients that run on the same host as SAProuter. Administration commands should not be allowed from remote clients. The correction is contained in SAProuter, it is delivered in the following components on SAP Service Marketplace: SAPROUTER versions 7.53 and 7.22, and in the Package saprouter.sar in the SAP KERNEL versions 7.85, 7.81 and 7.77. Nevertheless, it is recommended to use SAPROUTER version 7.53. Keep in mind that the correction will be delivered in future versions of SP stack kernel SAPEXE.SAR, but it will not be available in SAPEXE.SAR in all versions when this SAP note is published.\u00a0<strong>CVSS v3 Base Score:\u00a0<span style=\"color: #ff0000;\">8,6\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-27668).<\/li>\n<li><strong><u>Improper Access Control check in SAP NetWeaver basicadmin and adminadapter services (3147498):<\/u><\/strong>\u00a0Improper Access Control is detected in SAP NetWeaver AS Java, basicadmin and adminadapter services remote objects are not properly protected. As a result, some administrative functionalities are exposed to public access, which means the Availability could be impacted. This correction discontinues public access to basicadmin and adminadapter services remote objects by introducing required authentication and authorization protection. To solve the issue, please\u00a0 apply the corrective measure according to the \u00abSupport Packages &amp; Patches\u00bb section of the note..\u00a0<strong>CVSS v3 Base Score:\u00a0<span style=\"color: #ff0000;\">8,2\u00a0<\/span>\/ 10<\/strong>.<\/li>\n<li><strong><u>Potential privilege escalation in SAP PowerDesigner Proxy 16.7 (3197005):<\/u><\/strong>\u00a0SAP PowerDesigner Proxy, allows an attacker with low privileges and has local access, with the ability to work around system\u2019s root disk access restrictions to Write\/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system. This issue when \u00abSAP PowerDesigner Proxy 16.7\u00bb SP05 up to including PL2 is installed. To solve the issue, the action would be to upgrade the \u00abSAP PowerDesigner Proxy 16.7\u00bb to version SP05 PL03 or higher.<strong>\u00a0CVSS v3 Base Score:\u00a0<span style=\"color: #c4c40c;\">7.8\u00a0<\/span>\/ 10<\/strong>\u00a0(CVE-2022-31590).<\/li>\n<\/ul>\n<h3 style=\"font-weight: 400;\"><strong>Reference links<\/strong><\/h3>\n<p>Reference links of the CERT of the INCIBE in relation to the publication of the notes for June:<\/p>\n<p><a href=\"https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizacion-seguridad-sap-junio-2022\">https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizacion-seguridad-sap-junio-2022<\/a><\/p>\n<p>Other references, from SAP and Onapsis (June):<\/p>\n<p><a href=\"https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10\">https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10<\/a><\/p>\n<p><a href=\"https:\/\/onapsis.com\/blog\/sap-security-patch-day-june-2022-improper-access-control-can-compromise-your-systems\">https:\/\/onapsis.com\/blog\/sap-security-patch-day-june-2022-improper-access-control-can-compromise-your-systems<\/a><\/p>\n<h3 style=\"font-weight: 400;\"><strong><u>Resources affected<\/u><\/strong><\/h3>\n<div class=\"w-post-elm post_content\">\n<ul>\n<li>SAP 3D Visual Enterprise Viewer, versi\u00f3n 9.0;<\/li>\n<li>SAP Adaptive Server Enterprise (ASE), versiones -KERNEL 7.22, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53;<\/li>\n<li>SAP Business Client, versi\u00f3n 6.5;<\/li>\n<li>SAP ERP, localization for CEEcountries, versiones -C-CEE110_600, 110_602, 110_603, 110_604, 110_700;<\/li>\n<li>SAP Financials, versiones -SAP_FIN 618, 720;<\/li>\n<li>SAP Host Agent, versi\u00f3n \u2013 7.22;<\/li>\n<li>SAP NetWeaver Application Server for ABAP and ABAP Platform, versiones -700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787, 788;<\/li>\n<li>SAP NetWeaver AS ABAP, AS Java, and HANA Database, versiones -KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53;<\/li>\n<li>SAP NetWeaver and ABAP Platform, versiones -KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC .22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAP_ROUTER 7.53, 7.22;<\/li>\n<li>SAP NetWeaver Developer Studio (NWDS), versi\u00f3n -7.50;<\/li>\n<li>SAP NetWeaver Development Infrastructure (Design Time Repository), versiones -7.30, 7.31, 7.40, 7.50;<\/li>\n<li>SAP PowerDesigner Proxy 16.7;<\/li>\n<li>SAP S\/4Hana Core, versiones -S4CORE 100, 101, 102, 103, 104, 105, 106, 107, 108;<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. June 2022 notes Summary and highlights of the month The total number of notes\/patches has remained the same as last month. In addition to this equality in the total number of notes, the&#8230;<\/p>\n","protected":false},"author":6,"featured_media":7860,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[95,16],"tags":[],"class_list":["post-7857","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-notes","category-sap-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>SAP Security Notes, June 2022 - Inprosec<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Notes, June 2022\" \/>\n<meta property=\"og:description\" content=\"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. June 2022 notes Summary and highlights of the month The total number of notes\/patches has remained the same as last month. In addition to this equality in the total number of notes, the...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-16T11:16:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-28T09:53:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"SAP Security Notes, June 2022\",\"datePublished\":\"2022-06-16T11:16:47+00:00\",\"dateModified\":\"2023-12-28T09:53:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/\"},\"wordCount\":1055,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/notas-junio.jpg\",\"articleSection\":[\"SAP Notes\",\"SAP Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/\",\"name\":\"SAP Security Notes, June 2022 - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/notas-junio.jpg\",\"datePublished\":\"2022-06-16T11:16:47+00:00\",\"dateModified\":\"2023-12-28T09:53:54+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/notas-junio.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/notas-junio.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-june-2022\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Notes, June 2022\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Notes, June 2022 - Inprosec","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security Notes, June 2022","og_description":"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. June 2022 notes Summary and highlights of the month The total number of notes\/patches has remained the same as last month. In addition to this equality in the total number of notes, the...","og_url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/","og_site_name":"Inprosec","article_published_time":"2022-06-16T11:16:47+00:00","article_modified_time":"2023-12-28T09:53:54+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"SAP Security Notes, June 2022","datePublished":"2022-06-16T11:16:47+00:00","dateModified":"2023-12-28T09:53:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/"},"wordCount":1055,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg","articleSection":["SAP Notes","SAP Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/","url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/","name":"SAP Security Notes, June 2022 - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg","datePublished":"2022-06-16T11:16:47+00:00","dateModified":"2023-12-28T09:53:54+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/06\/notas-junio.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-june-2022\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Notes, June 2022"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7857","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=7857"}],"version-history":[{"count":3,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7857\/revisions"}],"predecessor-version":[{"id":9794,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7857\/revisions\/9794"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/7860"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=7857"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=7857"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=7857"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}