Security Dashboard
Overview of your SAP security posture and vulnerability status
Total Vulnerabilities
247
Remediated
182
In Progress
41
Critical/High
24
Vulnerability Trend
7 Days30 Days90 Days
Severity Breakdown
Critical
8 vulnerabilities
High
16 vulnerabilities
Medium
112 vulnerabilities
Low
111 vulnerabilities
Recent VulnerabilitiesView All →
| ID | Description | Severity | System | Status |
|---|---|---|---|---|
| CVE-2024-1234 | Missing authorization check in RFC function | Critical | PRD (S/4HANA) | Open |
| SAP-3421897 | SQL injection in custom ABAP report | Critical | QAS (ECC 6.0) | In Progress |
| SAP-3398765 | Cross-site scripting in Fiori launchpad | High | PRD (S/4HANA) | Open |
Vulnerability Definitions
Master catalog of security checks to run during scans (like Scan Controls for vulnerabilities)
Total Definitions
156
Enabled
142
Disabled
14
Critical/High
48
| Definition ID | Name / Category | Severity | Status | Actions | |
|---|---|---|---|---|---|
| DEF-001 | Missing Authorization Check Authorization | Critical | |||
| DEF-002 | SQL Injection Detection Code Security | Critical | |||
| DEF-003 | Cross-Site Scripting (XSS) Code Security | High | |||
| DEF-004 | Insecure ICM Configuration Configuration | Medium |
Vulnerabilities
All detected vulnerabilities across your SAP landscape
| CVE / SAP Note | Description | Severity | System | Discovered | Status |
|---|---|---|---|---|---|
| CVE-2024-1234 | Missing authorization check in RFC function module | Critical | PRD (S/4HANA) | Jan 10, 2025 | Open |
| SAP-3421897 | SQL injection vulnerability in custom ABAP report | Critical | QAS (ECC 6.0) | Jan 8, 2025 | In Progress |
| SAP-3398765 | Cross-site scripting in Fiori launchpad application | High | PRD (S/4HANA) | Jan 5, 2025 | Open |
| CVE-2024-0892 | Privilege escalation via debug authorization | High | DEV (NetWeaver) | Jan 3, 2025 | Resolved |
Remediation Plans
AI-generated remediation plans for detected vulnerabilities
Active Plans
12
Completed
45
Pending Review
8
Avg. Resolution
4.2d
CVE-2024-1234 - Missing Authorization Check
Progress25%
SAP-3421897 - SQL Injection Fix
Progress60%
SAP-3398765 - XSS Vulnerability Patch
Progress10%
Security Scans
Manage and monitor vulnerability scans across your SAP systems
Recent Scans
Full System Scan - PRD
47%
Progress
12
Found
Quick Scan - QAS
3
Critical
8
High
24
Total
Scheduled Weekly Scan
Weekly
Frequency
Security Patches
Available SAP security patches and their deployment status
| SAP Note | Title | Severity | Release Date | Affected Systems | Actions |
|---|---|---|---|---|---|
| 3421897 | Security updates for SAP NetWeaver AS ABAP | Critical | Jan 9, 2025 | PRD, QAS, DEV | |
| 3398765 | XSS vulnerability fix for SAP Fiori Launchpad | High | Jan 7, 2025 | PRD | |
| 3387654 | Information disclosure in SAP Gateway | Medium | Jan 5, 2025 | PRD, QAS |
Patch Releases
SAP Patch Tuesday releases and security bulletins
January 2025 Patch TuesdayLatest
Released January 14, 2025 • 23 Security Notes
Critical
5
High
8
Medium
7
Low
3
December 2024 Patch Tuesday
Released December 10, 2024 • 19 Security Notes
Critical
3
High
6
Medium
8
Low
2