SAP Patches Critical Security Flaws in Monitoring Solutions

08-Mar-22

SAP stated that the problem, identified as CVE-2022-24396 (CVSS 9.3), can be used to gain access to privileged functionality and tamper with sensitive data and configurations.

The only thing preventing it from receiving a CVSS score of 10 is that a successful exploit requires local OS access to the SAP Focused Run system — or to one of the controlled systems.

Read More…