{"id":8950,"date":"2023-05-11T11:48:21","date_gmt":"2023-05-11T09:48:21","guid":{"rendered":"https:\/\/www.inprosec.com\/?p=8950"},"modified":"2024-01-08T12:04:40","modified_gmt":"2024-01-08T10:04:40","slug":"sap-security-notes-may-2023","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/","title":{"rendered":"SAP Security Notes, May 2023"},"content":{"rendered":"

Inprosec, through its services such as the SAP Security Assessment, helps its clients to improve the security levels of their SAP systems.<\/b><\/p>\n\n

Notas Mayo 2023<\/h2>\n

Resumen y highlights del Mes<\/h3>\n

El n\u00famero total de notas\/parches ha sido de 25, 1 m\u00e1s que el mes pasado. El n\u00famero de Hot News disminuye, pasando de 5 a 3 en este mes. Por otro lado, cabe destacar que el n\u00famero de notas de criticidad alta aumenta pasando de 1 a 9. Como siempre dejaremos las notas medias y bajas sin revisar en este mes, pero daremos detalle de un total de 12<\/strong> notas<\/strong> (todas las que tengan un CVSS de 7<\/strong><\/span> o mayor).<\/p>\n

Tenemos un total de 25 notas<\/strong> para todo el mes (las 24 del patch Tuesday, 18 nuevas y 6 actualizaciones, son el mismo n\u00famero de notas que el pasado patch Tuesday).<\/p>\n

Revisaremos en detalle 12 del total de 12 notas altas y HotNews, 2 de las 3 HotNews son nuevas y 7 de 9 notas altas ser\u00edan nuevas (aquellas de CVSS mayor o igual a 7<\/strong>).<\/p>\n

    \n
  1. La nota m\u00e1s cr\u00edtica del mes (<\/strong>con CVSS 10<\/span>) <\/strong>es una actualizaci\u00f3n de la nota habitual relacionada con “Google Chromium”.<\/strong><\/li>\n
  2. Las siguientes notas en criticidad (<\/strong>con CVSS <\/strong>9,8<\/span> <\/strong>y<\/strong> 9,2<\/strong><\/span>) <\/strong>son 2 HotNews, una relacionada con \u201cMultiple vulnerabilities associated with Reprise License Manager 14.2\u201d<\/strong> y la otra est\u00e1 relacionada con \u201cInformation Disclosure vulnerabilities in SAP BusinessObjects Intelligence Platform\u201d<\/strong><\/li>\n
  3. Las siguientes notas en criticidad (<\/strong>con CVSS <\/strong>8,2<\/strong><\/span>) <\/strong>son 3 notas altas, la primera relacionada con \u201cImproper access control during application start-up in SAP AS NetWeaver JAVA\u201d<\/strong>, la segunda con \u201cPrivilege escalation vulnerability in SAP IBP add-in for Microsoft Excel\u201d <\/strong> y la tercera se trata de una actualizaci\u00f3n de una nota publicada en agosto de 2022 \u201cInformation Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Monitoring DB)\u201d<\/strong><\/li>\n
  4. La siguiente nota en criticidad es una nota alta (<\/strong>con CVSS <\/strong>7,7<\/strong><\/span>), <\/strong>se trata de una actualizaci\u00f3n de una nota publicada en septiembre de 2022 relacionada con \u201cInformation Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (CMC)\u201d<\/strong><\/li>\n
  5. Las siguientes notas en criticidad (<\/strong>con CVSS <\/strong>7,5<\/strong><\/span>) <\/strong>son 4 notas altas, la primera relacionada con \u201cMemory Corruption vulnerability in SAP PowerDesigner(Proxy)\u201d<\/strong>, la segunda con \u201cDOS in SAP Commerce\u201d<\/strong>, la tercera est\u00e1 relacionada con \u201cInformation Disclosure vulnerability in SAP GUI for Windows\u201d<\/strong> y la cuarta est\u00e1 relacionada con \u201cInformation Disclosure vulnerability in SAP Commerce (Backoffice)\u201d<\/strong><\/li>\n
  6. La siguiente nota (<\/strong>con CVSS <\/strong>7,1<\/strong><\/span>) <\/strong>es una nota alta relacionada con \u201cImproper Neutralization of Input in SAPUI5\u201d<\/strong><\/li>\n
  7. Este mes el tipo m\u00e1s predominante es \u201cInformation Disclosure vulnerability\u201d<\/strong> (12\/24 en patch day).<\/li>\n<\/ol>\n

    \u00a0<\/strong>En la gr\u00e1fica (post mayo 2023 de SAP) podemos ver la clasificaci\u00f3n de las notas de mayo<\/u><\/strong>\u00a0adem\u00e1s de la evoluci\u00f3n y clasificaci\u00f3n de los \u00faltimos 5 meses anteriores (solo las notas del Sec. Tuesday \/ Patch Day \u2013 by SAP):<\/p>\n

    \"\"<\/p>\n

    Detalle completo<\/h2>\n

    El detalle completo de las notas SAP m\u00e1s relevantes<\/u><\/strong> es el siguiente (en ingl\u00e9s):<\/p>\n

      \n
    1. \n
        \n
      1. Update – Security updates for the browser control Google Chromium delivered with SAP Business Client (2622660):<\/u><\/strong> This security note addresses multiple vulnerabilities in the 3rd party web browser control Chromium, which can be used within SAP Business Client. This note will be modified periodically based on web browser updates by the open-source project Chromium. The note priority is based on the highest CVSS score of all the vulnerabilities fixed in the latest browser release. If the SAP Business Client release is not updated to the latest patch level, displaying web pages in SAP Business Client via this open-source browser control might lead to different vulnerabilities like memory corruption, Information Disclosure and the like. The solution will be to update the SAP Business Client patch to the newest one, which contains the most current stable major release of the Chromium browser control, which passed the SAP internal quality measurements of SAP Business Client. The note has been re-released with updated \u2018Solution\u2019 and \u2018Support Packages & Patches\u2019 information. CVSS v3 Base Score: <\/strong>10<\/strong><\/span> \/ 10 (Multiple CVE\u00b4s).<\/strong><\/li>\n
      2. Multiple vulnerabilities associated with Reprise License Manager 14.2 component used with SAP 3D Visual Enterprise License Manager (3328495)<\/u><\/strong>: <\/strong>This security note patches five vulnerabilities in version 14.2 of the Reprise License Manager(RLM) component used with SAP 3D Visual Enterprise License Manager as this component is vulnerable to vulnerabilities related to the web interface. The note contains a workaround. CVSS v3 Base Score: <\/strong>9,8<\/strong><\/span> \/ 10 [CVE-2021-44151, CVE-2021-44152, CVE-2021-44153, CVE-2021-44154, CVE-2021-44155].<\/strong><\/li>\n
      3. Information Disclosure vulnerabilities in SAP BusinessObjects Intelligence Platform (3307833):<\/u><\/strong> BusinessObjects Business Intelligence platform allows an authenticated attacker with administrator privileges to get the login token of any logged-in BI user or server over the network without any user interaction. The attacker can impersonate any user on the platform resulting into accessing and modifying data. The attacker can also make the system partially or entirely unavailable. This note includes multiple patches for Information Disclosure vulnerabilities in SAP BusinessObjects Business Intelligence Platform and replaces the patch solutions provided in notes 3217303, 3145769, 3213524, 3213507 <\/em>and 3233226<\/em>. CVSS v3 Base Score: <\/strong>9,1<\/strong><\/span> \/ 10<\/strong> [CVE-2023-28762] <\/strong><\/li>\n<\/ol>\n
          \n
        1. Improper access control during application start-up in SAP AS NetWeaver JAVA (3317453)<\/u><\/strong>: <\/strong>An unauthenticated attacker can connect to an open interface and make use of an open naming and directory API to instantiate an object that has methods that can be called without authorization or authentication causing a vulnerability that allows reading or changing the state of existing services without any effect on availability. CVSS v3 Base Score:<\/strong> 8,2<\/strong><\/span> \/ 10 [CVE-2023-30744].<\/strong><\/li>\n
        2. Privilege escalation vulnerability in SAP IBP add-in for Microsoft Excel (3323415):<\/u><\/strong> The installer of SAP IBP, add-in for Microsoft Excel (Excel Add-in) allows an authenticated attacker to add an InstallScript custom action to a Basic MSI or InstallScript MSI project extracts few binaries to a predefined writable folder during installation time. As a result in privilege escalation, an attacker can run code as an administration that could lead to a high impact on the confidentiality, integrity and availability of the system.\u00a0 Only newly started installation are exploitable. CVSS v3 Base Score: <\/strong>8,2<\/strong><\/span> \/ 10 [CVE-2023-29080]<\/strong><\/li>\n
        3. Update – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) (3213507): <\/u><\/strong>Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network, can access BOE Monitoring database to retrieve and modify (non-personal) system data which would otherwise be restricted. Also, a potential attack could be used to leave the scope of the CMS and have impact on the database. The note indicates that it is necessary to implement security note 3307833<\/strong> for the complete fix as the solution provided by this patch is incomplete. CVSS v3 Base Score: <\/strong>8,2<\/strong><\/span> \/ 10 [CVE-2022-31596]<\/strong><\/li>\n
        4. Update – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (CMC)(<\/u><\/strong> 3217303): <\/u><\/strong>Under certain conditions Central Management Console (CMC) allows an attacker to access certain unencrypted sensitive parameters which would otherwise be restricted. The note indicates that it is necessary to implement security note 3307833<\/strong> for the complete fix as the solution provided by this patch is incomplete. CVSS v3 Base Score: <\/strong>7,7<\/strong><\/span> \/ 10 [CVE-2022-39014]<\/strong><\/li>\n
        5. Memory Corruption vulnerability in SAP PowerDesigner (Proxy) (3300624):<\/u><\/strong> In SAP PowerDesigner an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application. Base Score: <\/strong>7,5<\/strong> <\/span>\/ 10 [CVE-2023-32111]<\/strong><\/li>\n
        6. Denial of service (DOS) in SAP Commerce (3320145): <\/u><\/strong>Due to the fact that SAP Commerce uses XStream, it allows an attacker to prevent legitimate users from accessing a service by terminating the application with a stack overflow error. This has a direct impact on the availability of the system. This vulnerability can affect all SAP Commerce installations that use an outdated Xstream library that is vulnerable to CVE-2022-41966<\/strong>. \u00a0Base Score: <\/strong>7,5<\/strong> <\/span>\/ 10 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/u><\/strong><\/li>\n
        7. Information Disclosure vulnerability in SAP GUI for Windows (3320467):<\/u><\/strong> SAP GUI for Windows allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation. Base Score: <\/strong>7,5<\/strong> <\/span>\/ 10 \u00a0[CVE-2023-32113]<\/strong><\/li>\n
        8. Information Disclosure vulnerability in SAP Commerce (Backoffice) (3321309)<\/u><\/strong>: <\/u>Under certain conditions, SAP Commerce Backoffice allows an attacker to access information via a crafted POST request that would otherwise be restricted, impacting the confidentiality of the system. The Backoffice web application in SAP Commerce before version 2211 uses a version of ZK Framework that has vulnerability CVE-2022-36537<\/strong>. \u00a0Base Score: <\/strong>7,5<\/strong> <\/span>\/ 10 \u00a0<\/strong><\/li>\n
        9. Improper Neutralization of Input in SAPUI5 (3326210): <\/u><\/strong>Due to improper neutralization of input in SAPUI5, sap.m.FormattedText SAPUI5 control allows injection of untrusted CSS. This blocks user\u2019s interaction with the application. Further, in the absence of URL validation by the application, the vulnerability could lead to the attacker reading or modifying user\u2019s information through phishing attack. Base Score: <\/strong>7,1<\/strong> <\/span>\/ 10 \u00a0[CVE-2023-30743].<\/strong><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n

          Enlaces de referencia<\/strong><\/h2>\n

          Otras referencias, en ingl\u00e9s de SAP y Onapsis (mayo):<\/p>\n

          Digital Library (sap.com)<\/a><\/p>\n

          SAP Security Patch Day: May 2023 | Onapsis<\/a><\/p>\n

          Recursos afectados<\/strong><\/h2>\n

          El listado completo de los sistemas\/componentes afectados es el siguiente:<\/p>\n

            \n
          • SAP 3D Visual Enterprise License Manager, Version \u201315<\/li>\n
          • SAP AS NetWeaver JAVA, Versions -SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50<\/li>\n
          • SAP BusinessObjects Intelligence Platform, Versions \u2013420, 430<\/li>\n
          • SAP Commerce (Backoffice), Version\u20132105, 2205<\/li>\n
          • SAP Commerce, Versions\u20132105, 2205, 2211<\/li>\n
          • SAP GUI for Windows, Versions-7.70, 8,0<\/li>\n
          • SAP IBP EXCEL ADD-IN, Versions\u20132211, 2302, 2305<\/li>\n
          • SAP PowerDesigner (Proxy), Version -16.7<\/li>\n
          • SAPUI5, Versions-SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 20<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"

            Inprosec, through its services such as the SAP Security Assessment, helps its clients to improve the security levels of their SAP systems. Notas Mayo 2023 Resumen y highlights del Mes El n\u00famero total de notas\/parches ha sido de 25, 1 m\u00e1s que el mes pasado. El n\u00famero de Hot News disminuye, pasando de 5 a…<\/p>\n","protected":false},"author":6,"featured_media":8954,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[95,61],"tags":[],"class_list":["post-8950","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-notes","category-sap-security-en-2"],"acf":[],"yoast_head":"\nSAP Security Notes, May 2023 - Inprosec<\/title>\n<meta name=\"description\" content=\"All updates to SAP systems notes from April 2023, to stay current and improve the security levels of your SAP systems.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Notes, May 2023\" \/>\n<meta property=\"og:description\" content=\"All updates to SAP systems notes from April 2023, to stay current and improve the security levels of your SAP systems.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-11T09:48:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-08T10:04:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2023\/05\/notas-sap-mayo-2023.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"SAP Security Notes, May 2023\",\"datePublished\":\"2023-05-11T09:48:21+00:00\",\"dateModified\":\"2024-01-08T10:04:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/\"},\"wordCount\":1520,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/notas-sap-mayo-2023.jpg\",\"articleSection\":[\"SAP Notes\",\"SAP Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/\",\"name\":\"SAP Security Notes, May 2023 - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/notas-sap-mayo-2023.jpg\",\"datePublished\":\"2023-05-11T09:48:21+00:00\",\"dateModified\":\"2024-01-08T10:04:40+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"description\":\"All updates to SAP systems notes from April 2023, to stay current and improve the security levels of your SAP systems.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/notas-sap-mayo-2023.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/notas-sap-mayo-2023.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/sap-security-notes-may-2023\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Notes, May 2023\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Notes, May 2023 - Inprosec","description":"All updates to SAP systems notes from April 2023, to stay current and improve the security levels of your SAP systems.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security Notes, May 2023","og_description":"All updates to SAP systems notes from April 2023, to stay current and improve the security levels of your SAP systems.","og_url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/","og_site_name":"Inprosec","article_published_time":"2023-05-11T09:48:21+00:00","article_modified_time":"2024-01-08T10:04:40+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2023\/05\/notas-sap-mayo-2023.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"SAP Security Notes, May 2023","datePublished":"2023-05-11T09:48:21+00:00","dateModified":"2024-01-08T10:04:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/"},"wordCount":1520,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2023\/05\/notas-sap-mayo-2023.jpg","articleSection":["SAP Notes","SAP Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/","url":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/","name":"SAP Security Notes, May 2023 - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2023\/05\/notas-sap-mayo-2023.jpg","datePublished":"2023-05-11T09:48:21+00:00","dateModified":"2024-01-08T10:04:40+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"description":"All updates to SAP systems notes from April 2023, to stay current and improve the security levels of your SAP systems.","breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2023\/05\/notas-sap-mayo-2023.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2023\/05\/notas-sap-mayo-2023.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/sap-security-notes-may-2023\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Notes, May 2023"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/8950","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=8950"}],"version-history":[{"count":3,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/8950\/revisions"}],"predecessor-version":[{"id":9844,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/8950\/revisions\/9844"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/8954"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=8950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=8950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=8950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}