Security Advisories

Die Onapsis Research Labs veröffentlichen regelmäßig Forschungsberichte zu den neuesten SAP®- und Oracle®-Schwachstellen und stellen diese unserem Öko-System aus Kunden, Partnern und IT-Sicherheitsanbietern zur Verfügung. 

Mit unseren Security Advisories können Kunden die Sicherheits- und Geschäftsrisiken besser abschätzen, die von den jüngsten Schwachstellen in SAP®- und Oracle®-Anwendungen ausgehen. Sie können damit festlegen, in welcher Reihenfolge Patches, Updates und Reparaturmaßnahmen durchzuführen sind, um die Kontinuität des Geschäftsbetriebs zu sichern. Die Security Advisories von Onapsis – einschließlich Hersteller-Patches und -Sicherheitshinweisen – stehen für Sie zum Download bereit. So werden Anbieter und Endnutzer mit den notwendigen Informationen versorgt, um die steigenden Bedrohungen für die geschäftskritischen SAP®- und Oracle®-Anwendungen zu reduzieren. 

Oracle
07/28/2016
By exploiting this vulnerability, an unauthenticated attacker could remotely shutdown the entire JD Edwards infrastructure.
Critical
Oracle
07/28/2016
By exploiting this vulnerability, an unauthenticated attacker could achieve administrative rights and would be able to potentially compromise all information stored and processed on the JDE System.
Medium
Oracle
07/28/2016
By exploiting this vulnerability, an unauthenticated attacker could shut down the Server Manager.
Critical
Oracle
07/28/2016
By exploiting this vulnerability, an unauthenticated attacker could retrieve the administration user and passwords from the Server Manager. This could lead to a potential compromise of the entire JDE…
Critical
Oracle
07/28/2016
By exploiting this vulnerability, an unauthenticated attacker could create users in the Server Manager, ultimately compromising the entire JDE landscape and all of its information and processes.
High
Oracle
07/28/2016
By exploiting this vulnerability, an unauthenticated attacker could remotely shutdown the entire JD Edwards infrastructure.
07/20/2016
By exploiting this vulnerability, a remote unauthenticated attacker could access arbitrary business information from the SAP system.
07/20/2016
By exploiting this vulnerability, an unauthenticated attacker could access and modify any information indexed by the SAP system.
07/20/2016
By exploiting this vulnerability, a remote attacker may obtain clear-text passwords of SAP HANA users and get critical information.
Low
SAP
07/20/2016
By exploiting this vulnerability, an attacker could access business information indexed by the SAP system.
Medium
SAP
07/20/2016
By exploiting this vulnerability, a remote unauthenticated attacker could obtain technical information about the SAP HANA Platform that can be used to perform more complex attacks.
High
SAP
07/20/2016
By exploiting this vulnerability, an attacker could tamper the audit logs, hiding his evidence of an attack to a HANA system.

Fordern Sie eine kostenlose
Geschäftsrisiko-Illustration an

Untersuchen Sie die Sicherheitslage und das Risiko Ihrer geschäftskritischen Anwendungen, um die möglichen Auswirkungen eines Cyberangriffs auf Ihr Unternehmen zu ermitteln.

Assessment Anfordern