CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

SAP Alerts Customers of Vulnerabilities in Cloud Products

SAP this week revealed that it is notifying customers of a series of security issues that it has identified in its cloud products.

The Germany-based enterprise software maker said it discovered that some of its cloud products “do not meet one or several contractually agreed or statutory IT security standards at present.”

SAP this week revealed that it is notifying customers of a series of security issues that it has identified in its cloud products.

The Germany-based enterprise software maker said it discovered that some of its cloud products “do not meet one or several contractually agreed or statutory IT security standards at present.”

Products affected by these issues, the company says, are Success Factors, Concur, SAP/CallidusCloud Commissions, SAP/Callidus Cloud CPQ, C4C/Sales Cloud, Cloud Platform, and Analytics Cloud.

“These findings were not identified in response to a security incident. As SAP continues with its review, it does not believe that any customer data has been compromised as a result of these issues,” the company wrote in a Form 6-K filed with the United States Securities and Exchange Commission (SEC).

The multinational software corporation believes roughly 9% of its 440,000 customers are affected, and it has decided to inform and support the impacted customers individually.

SAP also said that it decided to update its security-related terms and conditions, to ensure that the affected products “meet relevant terms and conditions.”

Technical remediation for the identified issues is already underway, and the software maker expects the process to be completed in the second quarter of 2020.

“The expenses related to the remediation are expected to be covered within the range of SAP’s current 2020 financial outlook,” the company said.

Advertisement. Scroll to continue reading.

The company did not provide technical details on the identified vulnerabilities, but such information might be released starting next week, on the May 2020 SAP Security Patch Day.

Related: SAP’s April 2020 Security Updates Patch Five Critical Vulnerabilities

Related: Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks

Related: SAP Releases 13 Security Notes on February 2020 Patch Day

Related: SAP Releases 6 Security Notes on January 2020 Patch Day

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.