
=====================================================================

                             CERT-Renater

                 Information Note No. 2021/VULN468
_____________________________________________________________________

DATE                : 15/09/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running SAP Business Client,
                     SAP NetWeaver Application Server Java, SAP Business One,
                     SAP S/4HANA, SAP LT Replication Server,
                     SAP LTRS for S/4HANA, SAP Test Data Migration Server,
                     SAP Landscape Transformation, SAP NetWeaver,
                     SAP NetWeaver Knowledge Management XML Forms,
                     SAP Contact Center, SAP Web Dispatcher,
                     SAP CommonCryptoLib, SAP Analysis for Microsoft Office,
                     SAP BusinessObjects Business Intelligence Platform
                     (BI Workspace),
                     SAP ERP Financial Accounting (RFOPENPOSTING_FR),
                     SAP NetWeaver Enterprise Portal,
                     SAP 3D Visual Enterprise Viewer.

=====================================================================
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405
_____________________________________________________________________

 SAP Security Patch Day – September 2021


    Created by Risham Guram, last modified by Aditi Kulkarni on Sep 14, 2021



This post by the SAP Product Security Response Team shares information on
Patch Day Security Notes* that are released on the second Tuesday of every
month and fix vulnerabilities discovered in SAP products. SAP strongly
recommends that customers visit the Support Portal and apply the patches
as a priority to protect their SAP landscape.

On 14th of September 2021, SAP Security Patch Day saw the release of 17
Security Notes. There were 2 updates to previously released Patch Day
Security Notes.

List of security notes released on September Patch Day:

Note#    Title / Product / Severity / CVSS

2622660  Update to Security Note released on April 2018 Patch Day: Security
         updates for the browser control Google Chromium delivered with SAP
         Business Client
         Product - SAP Business Client, Version - 6.5
         Severity - HotNews | CVSS - 10

3078609  [CVE-2021-37535] Missing Authorization check in SAP NetWeaver
         Application Server for Java (JMS Connector Service)
         Product - SAP NetWeaver Application Server Java (JMS Connector
         Service), Versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50
         Severity - HotNews | CVSS - 10

3071984  Update to Security Note released on August 2021 Patch Day:
         [CVE-2021-33698] Unrestricted File Upload vulnerability in SAP
         Business One
         Product - SAP Business One, Versions - 10.0
         Severity - HotNews | CVSS - 9.9

3089831  [CVE-2021-38176] SQL Injection vulnerability in SAP NZDT Mapping
         Table Framework
         Product - SAP S/4HANA, Versions - 1511, 1610, 1709, 1809, 1909,
         2020, 2021
         Product - SAP LT Replication Server, Versions - 2.0, 3.0
         Product - SAP LTRS for S/4HANA, Version - 1.0
         Product - SAP Test Data Migration Server, Version - 4.0
         Product - SAP Landscape Transformation, Version - 2.0
         Severity - HotNews | CVSS - 9.9

3084487  [CVE-2021-38163] Unrestricted File Upload vulnerability in SAP
         NetWeaver (Visual Composer 7.0 RT)
         Product - SAP NetWeaver (Visual Composer 7.0 RT), Versions - 7.30,
         7.31, 7.40, 7.50
         Severity - HotNews | CVSS - 9.9

3081888  [CVE-2021-37531] Code Injection vulnerability in SAP NetWeaver
         Knowledge Management (XMLForms)
         Product - SAP NetWeaver Knowledge Management XML Forms,
         Versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50
         Severity - HotNews | CVSS - 9.9

3073891  [CVE-2021-33672] Multiple vulnerabilities in SAP Contact Center
         Additional CVEs - CVE-2021-33673, CVE-2021-33674, CVE-2021-33675
         Product - SAP Contact Center, Version - 700
         Severity - HotNews | CVSS - 9.6

3080567  [CVE-2021-38162] HTTP Request Smuggling in SAP Web Dispatcher
         Product - SAP Web Dispatcher, Versions - WEBDISP - 7.49, 7.53,
         7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC - 7.22,
         7.22EXT, 7.49, 7.53, KERNEL - 7.22, 7.49, 7.53, 7.77, 7.81, 7.83
         Severity - High | CVSS - 8.9

3051787  [CVE-2021-38177] Null Pointer Dereference vulnerability in SAP
         CommonCryptoLib
         Product - SAP CommonCryptoLib, Versions - 8.5.38 or lower
         Severity - High | CVSS - 7.5

3069032  [CVE-2021-33685] Directory Traversal vulnerability in SAP
         Business One
         Product - SAP Business One, Versions - 10.0
         Severity - Medium | CVSS - 6.5

3082500  [CVE-2021-38175] Information Disclosure in SAP Analysis for
         Microsoft Office
         Product - SAP Analysis for Microsoft Office, Version - 2.8
         Severity - Medium | CVSS - 6.5

3060621  [CVE-2021-38150] Information disclosure in SAP Business Client
         Product - SAP Business Client, Versions - 7.0, 7.70
         Severity - Medium | CVSS - 6.1

3055180  [CVE-2021-33679] Cross-Site Scripting (XSS) vulnerability in SAP
         BusinessObjects Business Intelligence Platform (BI Workspace)
         Product - SAP BusinessObjects Business Intelligence Platform
         (BI Workspace), Version - 420
         Severity - Medium | CVSS - 5.4

3068582  [CVE-2021-38164] Missing Authorization check in SAP ERP Financial
         Accounting / RFOPENPOSTING_FR
         Product - SAP ERP Financial Accounting (RFOPENPOSTING_FR),
         Versions - SAP_APPL - 600, 602, 603, 604, 605, 606, 616,
         SAP_FIN - 617, 618, 700, 720, 730, SAPSCORE - 125,
         S4CORE - 100, 101, 102, 103, 104, 105
         Severity - Medium | CVSS - 5.4

3070138  [CVE-2021-33686] Information Disclosure in SAP Business One
         Product - SAP Business One, Version - 10.0
         Severity - Medium | CVSS - 5.3

3082219  [CVE-2021-21489] Cross-Site Scripting (XSS) vulnerability in SAP
         NetWeaver Enterprise Portal
         Product - SAP NetWeaver Enterprise Portal, Versions - 7.10, 7.11,
         7.20, 7.30, 7.31, 7.40, 7.50
         Severity - Medium | CVSS - 4.8

3069882  [CVE-2021-33688] SQL Injection vulnerability in SAP Business One
         Product - SAP Business One, Version - 10.0
         Severity - Medium | CVSS - 4.3

3075546  [CVE-2021-37532] Directory Listing Enabled in SAP Business One
         Product - SAP Business One, Version - 10.0
         Severity - Medium | CVSS - 4.3

3087791  [CVE-2021-38174] Improper Input Validation in SAP 3D Visual
         Enterprise Viewer
         Product - SAP 3D Visual Enterprise Viewer, Version - 9.0
         Severity - Medium | CVSS - 4.3


[Chart: Vulnerability Type Distribution - September 2021]

# Multiple vulnerabilities on the same product can be fixed by one security
note.


[Chart: Security Notes vs Priority Distribution (April - September 2021)**]


* Patch Day Security Notes are all notes that appear under the category
of "Patch Day Notes" in the SAP Support Portal.

** Any Patch Day Security Note released after the second Tuesday will be
accounted for in the following SAP Security Patch Day.


Customers who would like to see all Security Notes published or updated
after August 10, 2021 can go to Launchpad Expert Search → filter
'SAP Security Notes' released between 'August 11, 2021 - September 14,
2021' → Go.

To learn more about the security researchers and research companies who
contributed to this month's security patches, visit the SAP Product
Security Response Acknowledgement Page.

Do write to us at secure@sap.com with all your comments and feedback on
this blog post.


SAP Product Security Response Team


=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================


