Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

January 14, 2014
12:03 am

Update 1 to security note 1744747, SAP security note 1754772

Description

Security note 1744747 has been rereleased with additional workarounds.

Available fix and Supported packages

SAP-CRMJAV | 700 | 700
SAP-CRMJAV | 701 | 701
SAP-CRMJAV | 702 | 702
SAP-CRMJAV | 731 | 731
SAP-CRMJAV | 730 | 730
SAP-CRMJAV | 732 | 732
SAP-CRMWEB | 700 | 700
SAP-CRMWEB | 701 | 701
SAP-CRMWEB | 702 | 702
SAP-CRMWEB | 731 | 731
SAP-CRMWEB | 730 | 730
SAP-CRMWEB | 732 | 732
SAP-SHRWEB | 700 | 700
SAP-SHRWEB | 701 | 701
SAP-SHRWEB | 702 | 702
SAP-SHRWEB | 731 | 731
SAP-SHRWEB | 730 | 730
SAP-SHRWEB | 732 | 732
SAP-SHRJAV | 700 | 700
SAP-SHRJAV | 701 | 701
CRM JAVA APPLICATIONS 7.0 | SP011 | 000014
CRM JAVA APPLICATIONS 7.01 | SP008 | 000015
CRM JAVA APPLICATIONS 7.02 | SP004 | 000003
CRM JAVA APPLICATIONS 7.30 | SP000 | 000050
CRM JAVA APPLICATIONS 7.31 | SP008 | 000014
CRM JAVA APPLICATIONS 7.32 | SP003 | 000008
CRM JAVA COMPONENTS 7.0 | SP011 | 000014
CRM JAVA COMPONENTS 7.01 | SP008 | 000015
CRM JAVA COMPONENTS 7.02 | SP004 | 000003
CRM JAVA COMPONENTS 7.30 | SP000 | 000050
CRM JAVA COMPONENTS 7.31 | SP008 | 000014
CRM JAVA COMPONENTS 7.32 | SP003 | 000008
CRM JAVA WEB COMPONENTS 7.0 | SP011 | 000014
CRM JAVA WEB COMPONENTS 7.01 | SP008 | 000015
CRM JAVA WEB COMPONENTS 7.02 | SP004 | 000003
CRM JAVA WEB COMPONENTS 7.30 | SP000 | 000050
CRM JAVA WEB COMPONENTS 7.31 | SP008 | 000014
CRM JAVA WEB COMPONENTS 7.32 | SP003 | 000008
SAP SHARED JAVA APPLIC. 7.0 | SP011 | 000014
SAP SHARED JAVA APPLIC. 7.01 | SP008 | 000015

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1754772

TAGS

#Stored-cross-site-scripting
#XSS
#CRM-IPC
#CRM-ISA-TEC
#update
#update-note

Explore More

SAP Security Patch Day – June 2025

June 10, 2025

On June 10, 2025, SAP released its monthly Security Patch Day updates, addressing 14 new vulnerabilities across various SAP products and components.

SAP Security Training

May 21, 2025

Discover vulnerabilities through the eyes of an attacker In today’s digital landscape, SAP systems form the backbone of critical business operations for

SAP Security Patch Day RedRays

SAP Security Patch Day – May 2025

May 14, 2025

On May 13, 2025, SAP released its monthly Security Patch Day updates, addressing 18 new vulnerabilities across various SAP products and components.

CVE-2025-31324

[CVE-2025-31324] Critical SAP NetWeaver Vulnerability Fixed: Actively Exploited in the Wild

April 25, 2025

⚠️ CHECK IF YOU’RE VULNERABLE OR COMPROMISED Vulnerable URL Path: /developmentserver/metadatauploader How to Check If You’re Vulnerable: Test if the following URL