SAP Products July 2024 Routine Security Update Advisory

Overview

SAP has released an update to address a vulnerability in their products. Users of affected versions are advised to update to the latest version.

 

Affected Products

CVE-2024-39592

  • SAP PDCE S4CORE 102, 103 versions 
  • SAP PDCE S4COREOP 104, 105, 106, 107, 108 versions

     

Resolved Vulnerabilities

An element in PDCE does not perform the required privilege checks on authenticated users, which could result in privilege escalation and allow an attacker to read sensitive information (CVE-2024-39592)
 

Vulnerability Patches

Vulnerability patches were made available in the latest update. Please follow the instructions on the Referenced Sites[1] to update to the latest Vulnerability Patches version.

 

Referenced Sites

[1] SAP Security Patch Day – July 2024

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2024.html

[2] CVE-2024-39592 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-39592

Article Link: SAP Products July 2024 Routine Security Update Advisory – ASEC