SAP Security Issues

SAP(Systems Applications and Products) announced on Monday that they are to patch security issues with some of their cloud-based products.

The bugs are identified as a part of the internal cybersecurity audit and the company already started working on it.

SAP Security Issues

SAP said that some of it is “cloud products do not meet one or several contractually agreed or statutory IT security standards” and they started to fix them.

Following are the products affected;

SAP Success Factors, SAP Concur, SAP/CallidusCloud Commissions, SAP/Callidus Cloud CPQ; as well as SAP C4C/Sales Cloud, SAP Cloud Platform, and SAP Analytics Cloud.

SAAP confirms that the vulnerabilities are not identified as a part of a security incident and no customer data has been compromised.

“To ensure that the affected products meet relevant terms and conditions and in addition to technical remediation, SAP has decided to update its security-related terms and conditions. These remain in line with market peers,” reads the advisory.

SAP said they started fixing the bugs with affected products to meet the IT security standards at present and the bug fixes will largely be completed in the second quarter of 2020.

SAP SE executive board has decided to “inform and support the affected customers individually – approximately 9 percent of SAP’s 440,000 customers.”

SAP has more than 75,000 customers in 120 countries and has 140,000 installations worldwide.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

1 COMMENT

  1. How can we trust what you are writing when you can’t even get your numbers correct. Headline says SAP will notify 440,000 customers but at the end you say SAP has 75,000 customers and 140,000 installations?!?!

    Also the line just above that, which is quoted directly from the SAP press release says that it will inform the customers affected which amounts to 9% of it’s 440,000 customers worldwide, meaning less than 40,000 customers will be notified and are potentially affected.

    Also the press release did not say that there were bugs, but instead said that security standards were deficient which could also mean controls.

    Please get your facts, numbers and knowledge right. Highly disappointed with the level of inaccuracy on this post. Not expected from your site.

Leave a Reply