Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

9% of SAP’s 440,000 customers impacted by security bugs in some cloud products

The software giant SAP announced to have found security issues in its cloud-based products as part of an internal security review. German software giant SAP announced the discovery of security issues in its cloud-based products as part of an internal security review, the company already started to address the vulnerabilities. The list of the affected […]

SAP

The software giant SAP announced to have found security issues in its cloud-based products as part of an internal security review.

German software giant SAP announced the discovery of security issues in its cloud-based products as part of an internal security review, the company already started to address the vulnerabilities.

The list of the affected products includes Success Factors, Concur, CallidusCloud Commissions, Callidus Cloud CPQ; as well as C4C/Sales Cloud, Cloud Platform, and Analytics Cloud.

The detailed list of vulnerabilities has yet to be disclosed, according to an advisory published by the company the issues will be completed in the second quarter of 2020.

The company announced it will notify approximately 9% of its 440,000 customers, the good news is that the company is not aware of any attack in the wild exploiting the issues.

“SAP continuously reviews and optimizes its cybersecurity infrastructure. The company has identified that some of its cloud products do not meet one or several contractually agreed or statutory IT security standards at present. Specifically, the affected products are limited to the acquired entity products SAP Success Factors, SAP Concur, SAP/CallidusCloud Commissions, SAP/Callidus Cloud CPQ; as well as C4C/Sales Cloud, Cloud Platform and Analytics Cloud.” reads the advisory published by the company.

“These findings were not identified in response to a security incident. As SAP continues with its review, it does not believe that any customer data has been compromised as a result of these issues. In an effort to ensure that the affected products meet relevant terms and conditions and in addition to technical remediation, SAP has decided to update its security-related terms and conditions. These remain in line with market peers.”

The software firm added that the expenses related to the remediation will not impact the current 2020 financial outlook.

“The expenses related to the remediation are expected to be covered within the range of SAP’s current 2020 financial outlook.” concludes the advisory.

“SAP will inform and support the affected customers individually – approximately 9 percent of its 440,000 customers.”

Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – cybersecurity, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]