CyberNews Briefs

SAP Commerce Critical Security Bug Allows RCE

SAP has reported that they are aware of a critical vulnerability in its SAP Commerce platform, which provides services for e-commerce businesses. The flaw could allow for remote code execution (RCE) that, according to researchers, could compromise or disrupt the application. SAP Commerce’s main offering is in organizing data to be dispersed across multiple channels, allowing companies a leg up in complex supply chain management issues.

The vulnerability affects SAP Commerce versions 1808, 1811, 1905, 2005, and 2011, and ranking 9.9 out of 10 on the CVSS scale, it is categorized as critical in severity. The severity score represents the potential impact on the application if the vulnerability were to be exploited. Onapsis released a Tuesday analysis advising users to mitigate the vulnerability as soon as possible to avoid any further risk.

Read More: SAP Commerce Critical Security Bug Allows RCE

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.