SAP issued seven security patches

Enterprise software firm SAP has patched seven bugs affecting three product lines, which could have led hackers to remotely compromise a system.

The flaws were discovered by security firm Onapsis Research Labs in January, affecting database management system HANA, enterprise program BusinessObjects, and analytics software Business Warehouse.

Ezequiel Gutesman, director of research at Onapsis, said: "I would urge all SAP HANA and SAP BusinessObjects users to check our advisories and the remedial steps we share to protect their company’s most important data.

HANA was the most seriously affected of the three programs, being vulnerable to a development workbench code injection that could have allowed hackers to "completely compromise" that system and steal any information processed or stored therein.

BusinessObjects was found to be vulnerable to code injection, information disclosure and denial of service, while the Business Warehouse bug allowed technical information to be accessed by those without the right permissions.

While the bugs were patched in June, details have not been disclosed until now.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing