Categories: CVE/vulnerability

SAP to Address Security Issues With Some Cloud Products and to Notify 440,000 Customers

SAP(Systems Applications and Products) announced on Monday that they are to patch security issues with some of their cloud-based products.

The bugs are identified as a part of the internal cybersecurity audit and the company already started working on it.

SAP Security Issues

SAP said that some of it is “cloud products do not meet one or several contractually agreed or statutory IT security standards” and they started to fix them.

Following are the products affected;

SAP Success Factors, SAP Concur, SAP/CallidusCloud Commissions, SAP/Callidus Cloud CPQ; as well as SAP C4C/Sales Cloud, SAP Cloud Platform, and SAP Analytics Cloud.

SAAP confirms that the vulnerabilities are not identified as a part of a security incident and no customer data has been compromised.

“To ensure that the affected products meet relevant terms and conditions and in addition to technical remediation, SAP has decided to update its security-related terms and conditions. These remain in line with market peers,” reads the advisory.

SAP said they started fixing the bugs with affected products to meet the IT security standards at present and the bug fixes will largely be completed in the second quarter of 2020.

SAP SE executive board has decided to “inform and support the affected customers individually – approximately 9 percent of SAP’s 440,000 customers.”

SAP has more than 75,000 customers in 120 countries and has 140,000 installations worldwide.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

View Comments

  • How can we trust what you are writing when you can't even get your numbers correct. Headline says SAP will notify 440,000 customers but at the end you say SAP has 75,000 customers and 140,000 installations?!?!

    Also the line just above that, which is quoted directly from the SAP press release says that it will inform the customers affected which amounts to 9% of it's 440,000 customers worldwide, meaning less than 40,000 customers will be notified and are potentially affected.

    Also the press release did not say that there were bugs, but instead said that security standards were deficient which could also mean controls.

    Please get your facts, numbers and knowledge right. Highly disappointed with the level of inaccuracy on this post. Not expected from your site.

Recent Posts

Blue Yonder Ransomware Attack Impacts Starbucks & Multiple Supermarkets

A ransomware attack on Blue Yonder, a leading supply chain management software provider, has created…

48 minutes ago

Dell Wyse Management Suite Vulnerabilities Let Attackers Exploit Affected Systems Remotely

Dell Technologies has released a security update for its Wyse Management Suite (WMS) to address…

1 hour ago

CISA Details Red Team Assessment Including TTPs & Network Defense

The Cybersecurity and Infrastructure Security Agency (CISA) recently detailed findings from a Red Team Assessment…

1 hour ago

IBM Workload Scheduler Vulnerability Stores User Credentials in Plain Text

IBM has issued a security bulletin warning customers about a vulnerability in its Workload Scheduler…

2 hours ago

Multiple Flaws With Android & Google Pixel Devices Let Attackers Elevate Privileges

Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of…

2 hours ago

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

18 hours ago