SAP Patches Critical Flaws in MII, NetWeaver Products
10-March-21
This month’s set of patches also includes 4 updates to previously released Patch Day security notes, including updates for two notes rated Hot News (CVSS score 10), which address a missing authorization check in Solution Manager (CVE-2020-6207) and deliver the latest patches for the Chromium browser in Business Client.
The most severe of the newly released security notes addresses a code injection vulnerability in SAP MII. Tracked as CVE-2021-21480, the vulnerability features a CVSS score of 9.9.
