Security Advisories

The Onapsis Research Labs delivers regular SAP® and Oracle® vulnerability research to our ecosystem of customers, partners and the information security industry.

Onapsis security advisories enable customers to better understand the security and business implications of discovered SAP and Oracle security issues. This enables organizations to prioritize patches, updates and their remediation strategies to ensure continuity of the business. Onapsis security advisories, together with vendor patches and security notes, are available for download to provide vendors and end-users with the necessary information to mitigate advanced threats to mission-critical applications running on SAP and Oracle.

High
SAP
06/13/2017
By exploiting this vulnerability, a remote unauthenticated attacker would be able to gain access to SAP systems potentially compromising its information and processes.
Medium
SAP
09/21/2016
By exploiting this vulnerability, an attacker could tamper the audit logs, hiding the evidence after an attack to a SAP system.
Medium
SAP
09/21/2016
By exploiting this vulnerability, an attacker could obtain access to additional SAP systems, therefore potentially compromising these systems, as well as the information stored and processed by them.
Medium
Oracle
09/21/2016
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.
09/21/2016
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.
Medium
Oracle
09/21/2016
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.
Medium
Oracle
09/21/2016
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.
Medium
Oracle
09/21/2016
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.
Medium
Oracle
09/21/2016
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.
Medium
SAP
09/21/2016
By exploiting this vulnerability, an attacker could bypass protections implemented in the SAP systems, potentially executing arbitrary business processes.
Low
SAP
09/21/2016
By exploiting this vulnerability, an attacker could potentially abuse technical functions to access and/or compromise business information.
High
SAP
09/21/2016
By exploiting this vulnerability, an attacker could tamper the audit logs, hiding evidence after an attack to a SAP system.

Request a
Business Risk Illustration

Examine the security posture and risk exposure of your business-critical applications to determine the potential impact of a cyberattack on your organization.

Engage