SAP Patches Critical Flaws in MII, NetWeaver Products

10-March-21

This month’s set of patches also includes 4 updates to previously released Patch Day security notes, including updates for two notes rated Hot News (CVSS score 10), which address a missing authorization check in Solution Manager (CVE-2020-6207) and deliver the latest patches for the Chromium browser in Business Client.

The most severe of the newly released security notes addresses a code injection vulnerability in SAP MII. Tracked as CVE-2021-21480, the vulnerability features a CVSS score of 9.9.

Read More…