{"id":7899,"date":"2022-07-13T14:01:38","date_gmt":"2022-07-13T12:01:38","guid":{"rendered":"http:\/\/inprosec.com\/?p=7899"},"modified":"2023-12-28T11:53:47","modified_gmt":"2023-12-28T09:53:47","slug":"sap-security-notes-july-2022","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/","title":{"rendered":"SAP Security Notes, July 2022"},"content":{"rendered":"<p><strong>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems.<\/strong><\/p>\n\n<h2>July 2022 notes<\/h2>\n<h3>Summary and highlights of the month<\/h3>\n<p>The total number of notes\/patches was 27, 10 more than last month, despite the higher number of notes, the number of Hot News decreased, being 1 the one we found last month, with none existing in July. On the other hand, it should be noted that the number of high criticality notes increased from 3 to 5 this month. As usual, we will leave the medium and low scores unchecked this month, but <strong>we will give details of a total of 5 scores<\/strong> (all those with a CVSS of <span style=\"color: #d6d611;\">7<\/span> or higher).<\/p>\n<p>We have a total of 27 notes for the whole month, 10 notes more than last June (The 23 from Patch Tuesday, 20 new and 3 updates, 11 notes more than last month).<\/p>\n<p>We will review in detail 5 of the total 5 new high scores (those with CVSS greater than or equal to<span style=\"color: #d6d611;\"> 7<\/span>).<\/p>\n<ul>\n<li><strong>The highest score of the month (with CVSS<span style=\"color: #ff0000;\"> 8.3<\/span>)<\/strong> is the &#8220;Information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console)&#8221;.<\/li>\n<li>The next <strong>in criticality (CVSS<span style=\"color: #d6d611;\"> 7.6<\/span>, <span style=\"color: #d6d611;\">7.5<\/span>, <span style=\"color: #d6d611;\">7.4<\/span> and <span style=\"color: #d6d611;\">7.4<\/span>)<\/strong> are four high scores, one for &#8220;Information Disclosure vulnerability in SAP Business One&#8221;, one related to &#8220;Missing Authentication check in SAP Business One (License serviceAPI)&#8221;, one related to &#8220;Code Injection vulnerability in SAP Business One&#8221; and the last one is an update related to &#8220;Improper Access Control check in SAP NetWeaver basicadmin and adminadapter services&#8221;.<\/li>\n<li>The rest (22) are of medium and low level, and we will not see them in detail, although it should be noted that there is more than one that affects SAP NetWeaver.<\/li>\n<li>This month the most predominant types are &#8220;Cross-Site Scripting (XSS) vulnerability&#8221; (7\/27 and 7\/23 in patch day) and &#8220;Missing Authorization Check&#8221; (5\/27 and 3\/23 in patch day).<\/li>\n<\/ul>\n<p>In the graph (post July 2022 from SAP) we can see the <span style=\"text-decoration: underline;\"><strong>ranking of the July notes<\/strong> <\/span>in addition to the evolution and ranking of the last 5 previous months (only the notes of Sec. Tuesday \/ Patch Day &#8211; by SAP):<img decoding=\"async\" class=\"aligncenter wp-image-7902 \" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg\" alt=\"\" width=\"700\" height=\"367\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg 1200w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio-300x158.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio-1024x538.jpg 1024w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio-600x315.jpg 600w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/p>\n<h3>Full details<\/h3>\n<ul>\n<li><b><u><span lang=\"EN-GB\">Information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console) (3221288):<\/span><\/u><\/b><span lang=\"EN-GB\"> SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application. Taken care of hiding token.This is fixed in all available code lines. 4.2 SP09 Patch 9, 4.3 SP01 and above releases. <b>CVSS v3 Base Score<\/b>: <span style=\"color: #ff0000;\"><b>8,3<\/b><\/span> <b>\/ 10 (CVE-2022-35228)<\/b>.<\/span><\/li>\n<li><span style=\"text-decoration: underline;\"><strong> Information Disclosure vulnerability in SAP Business One (3212997)<\/strong><\/span>: Under special integration scenario of SAP Business one and SAP HANA, an attacker can exploit HANA cockpit\u2019s data volume to gain access to highly sensitive information. The note offers a workaround, use Explicit Password instead of XPAth Password in FTP Adapter. For other parts, customer need upgrade B1. <strong>CVSS v3 Base Score: <span style=\"color: #dbdb00;\">7,6<\/span> \/ 10 (CVE-2022-32249).<\/strong><\/li>\n<li><span style=\"text-decoration: underline;\"><strong>Missing Authentication check in SAP Business One (License service API) (3157613):<\/strong><\/span> Due to missing authentication check, SAP Business one allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.To solve this issue, customers should upgrade to SAP Business One 10.0 FP2202. For SAP customers who cannot apply the corresponding patch immediately, the note refers to knowledge base article 3189816 for a temporary workaround describing how to prevent end users from accessing the license API. <strong>CVSS v3 Base Score: <span style=\"color: #dbdb00;\">7,5<\/span> \/ 10.<\/strong><\/li>\n<li><span style=\"text-decoration: underline;\"><strong>Code Injection vulnerability in SAP Business One (31911012)<\/strong><\/span>: SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application. <strong>CVSS v3 Base Score: <span style=\"color: #dbdb00;\">7.4<\/span> \/ 10 (CVE-2022-31593).<\/strong><\/li>\n<li><span style=\"text-decoration: underline;\"><strong>Update &#8211; Improper Access Control check in SAP NetWeaver basicadmin and adminadapter services (3147498):<\/strong><\/span> Improper Access Control is detected in SAP NetWeaver AS Java, basicadmin and adminadapter services remote objects are not properly protected. As a result, some administrative functionalities are exposed to public access, which means the Availability could be impacted. This correction discontinues public access to basicadmin and adminadapter services remote objects by introducing required authentication and authorization protection. To solve the issue, please apply the corrective measure according to the &#8220;Support Packages &amp; Patches&#8221; section of the note. <strong>CVSS v3 Base Score: <span style=\"color: #dbdb00;\">7.4<\/span> \/ 10<\/strong><\/li>\n<\/ul>\n<h3 style=\"font-weight: 400;\"><strong>Reference links<\/strong><\/h3>\n<p>Other references, from SAP and Onapsis (July):<\/p>\n<p><a href=\"https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10\">https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10<\/a><\/p>\n<p><a href=\"https:\/\/onapsis.com\/blog\/sap-security-patch-day-july-2022-three-applications-focus\">https:\/\/onapsis.com\/blog\/sap-security-patch-day-july-2022-three-applications-focus<\/a><\/p>\n<h3 style=\"font-weight: 400;\"><strong><u>Resources affected<\/u><\/strong><\/h3>\n<div class=\"w-post-elm post_content\">\n<ul>\n<li>SAP Adaptive Server Enterprise (ASE),Version -KERNEL 7.22, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53<\/li>\n<li>SAP Business Objects, Version -420<\/li>\n<li>SAP Business One License serviceAPI, Version -10.0<\/li>\n<li>SAP Business One, Version -10.0<\/li>\n<li>SAP BusinessObjects Business Intelligence Platform (Central management console),Versions -420, 430<\/li>\n<li>SAP BusinessObjects Business Intelligence Platform (LCM),Versions -420, 430<\/li>\n<li>SAP BusinessObjects Business Intelligence Platform (Visual Difference Application),Versions -420, 430<\/li>\n<li>SAP BusinessObjects Business Intelligence Platform 4.x,Versions -420, 430<\/li>\n<li>SAP BusinessObjects BW Publisher Service, Versions -420,430<\/li>\n<li>SAP Enterprise Extension Defense Forces &amp; Public Security (EA-DFPS),Versions -605, 606, 616,617,618, 802, 803, 804, 805, 806<\/li>\n<li>SAP Enterprise Portal, Versions -7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50<\/li>\n<li>SAP NetWeaver Application Server for ABAP and ABAP Platform,Versions -700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787, 788<\/li>\n<li>SAP NetWeaver Enterprise Portal (WPC), Versions -7.30, 7.31, 7.40, 7.50<\/li>\n<li>SAP NetWeaver Enterprise Portal, Versions -7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.5<\/li>\n<li>SAP3D Visual Enterprise Viewer, Version -9.0<\/li>\n<li>SAPS\/4HANA(Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer),Versions -104, 105, 106<\/li>\n<li>SAPS\/4HANA, Versions -101, 102, 103, 104, 105, 106<\/li>\n<li>SAPS\/4HANA, Versions -S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. July 2022 notes Summary and highlights of the month The total number of notes\/patches was 27, 10 more than last month, despite the higher number of notes, the number of Hot News decreased,&#8230;<\/p>\n","protected":false},"author":6,"featured_media":7902,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[95,16],"tags":[],"class_list":["post-7899","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-notes","category-sap-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>SAP Security Notes, July 2022 - Inprosec<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Notes, July 2022\" \/>\n<meta property=\"og:description\" content=\"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. July 2022 notes Summary and highlights of the month The total number of notes\/patches was 27, 10 more than last month, despite the higher number of notes, the number of Hot News decreased,...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-13T12:01:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-28T09:53:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"SAP Security Notes, July 2022\",\"datePublished\":\"2022-07-13T12:01:38+00:00\",\"dateModified\":\"2023-12-28T09:53:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/\"},\"wordCount\":924,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/notas-sap-julio.jpg\",\"articleSection\":[\"SAP Notes\",\"SAP Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/\",\"name\":\"SAP Security Notes, July 2022 - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/notas-sap-julio.jpg\",\"datePublished\":\"2022-07-13T12:01:38+00:00\",\"dateModified\":\"2023-12-28T09:53:47+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/notas-sap-julio.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/notas-sap-julio.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-july-2022\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Notes, July 2022\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Notes, July 2022 - Inprosec","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security Notes, July 2022","og_description":"Inprosec through its services, such as the SAP Security Assessment, helps its customers to improve the security levels of their SAP systems. July 2022 notes Summary and highlights of the month The total number of notes\/patches was 27, 10 more than last month, despite the higher number of notes, the number of Hot News decreased,...","og_url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/","og_site_name":"Inprosec","article_published_time":"2022-07-13T12:01:38+00:00","article_modified_time":"2023-12-28T09:53:47+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"SAP Security Notes, July 2022","datePublished":"2022-07-13T12:01:38+00:00","dateModified":"2023-12-28T09:53:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/"},"wordCount":924,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg","articleSection":["SAP Notes","SAP Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/","url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/","name":"SAP Security Notes, July 2022 - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg","datePublished":"2022-07-13T12:01:38+00:00","dateModified":"2023-12-28T09:53:47+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/07\/notas-sap-julio.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-july-2022\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Notes, July 2022"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7899","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=7899"}],"version-history":[{"count":3,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7899\/revisions"}],"predecessor-version":[{"id":9793,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/7899\/revisions\/9793"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/7902"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=7899"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=7899"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=7899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}